CVE-2020-11124

7.8 HIGH

📋 TL;DR

CVE-2020-11124 is a use-after-free in the diag (diagnostics) driver's client map table on Qualcomm Snapdragon chipsets: a reference into the table is still used after the underlying list has been reallocated. A local attacker who can reach the diag interface could use the resulting memory corruption to crash the kernel or, with more effort, execute code in kernel context. Affected devices include smartphones, automotive systems, IoT devices, and computing platforms built on the listed Snapdragon product families.
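To make the bug class concrete, the following is an added illustration in C (not Qualcomm's driver code; every name in it is hypothetical) of a client table that is reallocated as clients register. The vulnerable pattern returns a raw pointer into the table, so a registration that grows the table on another path leaves that pointer dangling; the two hardened variants either copy the entry out while the table is consistent or validate a generation-stamped reference on every use.

```c
#include <stdlib.h>
#include <stdint.h>

/* Constructed model of a diag-style client map table: a heap array of
 * registered clients, reallocated when it grows and compacted when a client
 * deregisters. Added illustration, not Qualcomm's driver; every name here
 * is hypothetical. */
struct client_entry { int pid; int fd; };

struct client_map {
    struct client_entry *entries;
    size_t count, cap;
    uint64_t generation;    /* bumped whenever entries may have moved */
};

/* A reference that cannot dangle: index plus the generation it was issued in. */
struct client_ref { size_t index; uint64_t generation; };

int map_init(struct client_map *m, size_t cap)
{
    m->entries = calloc(cap, sizeof(*m->entries));
    m->count = 0; m->cap = cap; m->generation = 1;
    return m->entries ? 0 : -1;
}

void map_free(struct client_map *m)
{
    free(m->entries);
    m->entries = NULL; m->count = m->cap = 0; m->generation++;
}

/* Register a client. Growing the table reallocates it: this is the step that
 * frees the old storage and invalidates any raw pointer into it. */
int map_add(struct client_map *m, int pid, int fd)
{
    if (m->count == m->cap) {
        size_t ncap = m->cap ? m->cap * 2 : 4;
        struct client_entry *n = realloc(m->entries, ncap * sizeof(*n));
        if (!n)
            return -1;
        m->entries = n;
        m->cap = ncap;
        m->generation++;    /* storage moved: outstanding refs are stale */
    }
    m->entries[m->count].pid = pid;
    m->entries[m->count].fd = fd;
    m->count++;
    return 0;
}

/* Deregister a client by moving the last entry into its slot. */
int map_remove(struct client_map *m, int pid)
{
    for (size_t i = 0; i < m->count; i++)
        if (m->entries[i].pid == pid) {
            m->entries[i] = m->entries[--m->count];
            m->generation++;    /* indices shifted: outstanding refs are stale */
            return 0;
        }
    return -1;
}

/* VULNERABLE PATTERN: returns a pointer into the table. If map_add() or
 * map_remove() runs on another path before the caller is done with it, the
 * pointer refers to freed or reused memory: a use-after-free on dereference. */
struct client_entry *map_find_ptr(struct client_map *m, int pid)
{
    for (size_t i = 0; i < m->count; i++)
        if (m->entries[i].pid == pid)
            return &m->entries[i];
    return NULL;
}

/* SAFE PATTERN 1: copy the entry out while the table is consistent (in a
 * real driver, under the same lock that map_add()/map_remove() take). */
int map_find_copy(const struct client_map *m, int pid, struct client_entry *out)
{
    for (size_t i = 0; i < m->count; i++)
        if (m->entries[i].pid == pid) { *out = m->entries[i]; return 0; }
    return -1;
}

/* SAFE PATTERN 2: hand out a generation-stamped reference and validate it on
 * every use, so a stale reference fails closed instead of touching memory
 * that has since been reallocated. */
int map_find_ref(const struct client_map *m, int pid, struct client_ref *ref)
{
    for (size_t i = 0; i < m->count; i++)
        if (m->entries[i].pid == pid) {
            ref->index = i; ref->generation = m->generation;
            return 0;
        }
    return -1;
}

int map_get(const struct client_map *m, const struct client_ref *ref,
            struct client_entry *out)
{
    if (ref->generation != m->generation || ref->index >= m->count)
        return -1;          /* table changed underneath us: refuse */
    *out = m->entries[ref->index];
    return 0;
}
```

In a real driver the copy-out lookup runs under the same lock that the add and remove paths hold, which is the actual fix for this class of bug; the generation check is defence in depth for references that have to outlive the critical section, and it turns a silent use-after-free into a clean lookup failure.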

💻 Affected Systems

Products:
  • Snapdragon Auto
  • Snapdragon Compute
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon Mobile
  • Snapdragon Voice & Music
Versions: Chipset-specific; the Qualcomm bulletin lists the affected chipsets, and the fix ships in OEM firmware/kernel builds rather than as a single version number
Operating Systems: Android-based systems and other embedded OS using affected chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the chipset firmware/drivers, affecting multiple device types across different industries.

📦 What is this software?

Qualcomm's diag subsystem is the diagnostic channel on Snapdragon platforms: a kernel driver exposes a diag character device through which vendor diagnostic and logging clients exchange commands and log data with the modem and other subsystems. The driver keeps a table mapping registered client processes to the diagnostic data they receive; that client map table is where this bug lives.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary code execution in kernel context by a local attacker (the CVSS attack vector is Local; there is no remote trigger), leading to complete device compromise, data theft, or a persistent backdoor.

🟠

Likely Case

Local privilege escalation: a process that can open the diag interface escalates to kernel privileges on the device.

🟢

If Mitigated

With diag access restricted to privileged or trusted processes, the realistic outcome is a crash (denial of service) triggered by a process that already holds that access.

🌐 Internet-Facing: MEDIUM - No direct network trigger (CVSS attack vector is Local); it matters as a second stage after an attacker already runs code on the device, for example chained with a remotely exploitable app or browser bug.
🏢 Internal Only: HIGH - Anyone with local code execution or physical access to a vulnerable device can escalate to kernel privileges, and from there move laterally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local code execution on the device with access to the diag interface, and the attacker must get the client map table reallocated while a stale reference to it is still in use. No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: No single version; the fix is delivered in OEM firmware/kernel builds that incorporate the patches from Qualcomm's September 2020 bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin

Restart Required: Yes

Instructions:

1. Check with the device manufacturer for firmware updates.
2. Apply the Qualcomm-provided patches through the OEM update channel.
3. Reboot the device after the update is installed.

🔧 Temporary Workarounds

Restrict diagnostic access (all platforms)

Limit which processes and users can open the diag interface and related diagnostic services on affected devices; only code that can reach the diag client map table can trigger the bug.

🧯 If You Can't Patch

  • Segment affected devices from critical networks
  • Implement strict access controls and monitoring for devices with vulnerable chipsets

🔍 How to Verify

Check if Vulnerable:

Identify the device's Snapdragon chipset and firmware build, and compare them against the affected-chipset list in Qualcomm's September 2020 bulletin

Check Version:

Commands vary by manufacturer. On Android, 'getprop ro.bootloader' reports the bootloader build, 'getprop ro.build.version.security_patch' reports the security patch level, and Settings > About shows the same information; the fix is present once the OEM build that includes the September 2020 Qualcomm patches is installed

Verify Fix Applied:

Confirm that the firmware version or security patch level matches the manufacturer's build that contains the fix, and that the device has been rebooted into it

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops or panic traces, particularly ones that reference the diag driver
  • Memory corruption errors (slab or page-fault reports) in kernel and system logs
  • Unexpected crashes of processes that use the diag interface

Network Indicators:

  • Diag is normally reached locally, so network telemetry is a weak signal; watch for unusual diagnostic-protocol traffic where diag is exposed over a network
  • Unexpected local connections to the diagnostic service from processes that do not normally use it

SIEM Query:

Search device and kernel logs for panic, oops, or memory-corruption events and correlate them with processes that opened the diag interface shortly beforehand

🔗 References

  • Qualcomm Product Security Bulletin, September 2020: https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin