CVE-2020-11203

Q: What is the severity of CVE-2020-11203?

CVE-2020-11203 has a CVSS score of 7.1 (HIGH). This vulnerability is a stack buffer overflow in Qualcomm Snapdragon chipsets that occurs when processing GSM/WCDMA broadcast configuration data. Attackers could exploit this to execute arbitrary code or cause denial of service on affected devices. The vulnerability affects multiple Snapdragon product lines including Auto, Mobile, Wearables, and IoT devices.

7.1 HIGH

📋 TL;DR

This vulnerability is a stack buffer overflow in Qualcomm Snapdragon chipsets that occurs when processing GSM/WCDMA broadcast configuration data. Attackers could exploit this to execute arbitrary code or cause denial of service on affected devices. The vulnerability affects multiple Snapdragon product lines including Auto, Mobile, Wearables, and IoT devices.

💻 Affected Systems

Products:

Snapdragon Auto
Sndapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Wearables

Versions: Specific chipset versions not detailed in advisory; affected by firmware versions prior to February 2021 patches

Operating Systems: Android-based systems and other embedded OS using affected Snapdragon chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in baseband/radio firmware; affects devices regardless of OS version if using vulnerable chipset firmware

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation

🟠

Likely Case

Denial of service causing device crashes or instability

🟢

If Mitigated

Limited impact with proper input validation and memory protections

🌐 Internet-Facing: MEDIUM - Requires specific network conditions and broadcast configuration manipulation

🏢 Internal Only: LOW - Primarily affects cellular network interfaces rather than internal network services

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires ability to send specially crafted GSM/WCDMA broadcast messages to target device

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates released in February 2021 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device to activate new firmware.

🔧 Temporary Workarounds

Network filtering

all

Filter malicious GSM/WCDMA broadcast messages at network level

🧯 If You Can't Patch

Isolate affected devices from untrusted cellular networks
Implement network monitoring for abnormal broadcast traffic patterns

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer's patched versions; examine Qualcomm chipset firmware version

Check Version:

Device-specific commands vary by manufacturer; typically in Settings > About Phone > Baseband version

Verify Fix Applied:

Verify firmware version has been updated to post-February 2021 release

📡 Detection & Monitoring

Log Indicators:

Baseband processor crashes
Radio interface errors
Unexpected device reboots

Network Indicators:

Abnormal GSM/WCDMA broadcast traffic
Suspicious cellular network interactions

SIEM Query:

Not applicable - primarily firmware/radio level vulnerability

📊 Metadata

CVE ID: CVE-2020-11203

CVSS v3 Score: 7.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-787

Published: February 22, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009w Firmware by Qualcomm

Apq8064au Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Pm215 Firmware by Qualcomm

Pm456 Firmware by Qualcomm

Pm6125 Firmware by Qualcomm

Pm6150 Firmware by Qualcomm

Pm6150a Firmware by Qualcomm

Pm6150l Firmware by Qualcomm

Pm6250 Firmware by Qualcomm

Pm640a Firmware by Qualcomm

Pm640l Firmware by Qualcomm

Pm640p Firmware by Qualcomm

Pm670 Firmware by Qualcomm

Pm670l Firmware by Qualcomm

Pm8004 Firmware by Qualcomm

Pm8005 Firmware by Qualcomm

Pm8008 Firmware by Qualcomm

Pm8009 Firmware by Qualcomm

Pm855 Firmware by Qualcomm

Pm855b Firmware by Qualcomm

Pm855l Firmware by Qualcomm

Pm855p Firmware by Qualcomm

Pm8916 Firmware by Qualcomm

Pm8998 Firmware by Qualcomm

Pmi632 Firmware by Qualcomm

Pmi8998 Firmware by Qualcomm

Pmk8002 Firmware by Qualcomm

Pmm6155au Firmware by Qualcomm

Pmm8155au Firmware by Qualcomm

Pmm8195au Firmware by Qualcomm

Pmm855au Firmware by Qualcomm

Pmm8996au Firmware by Qualcomm

Pmr735a Firmware by Qualcomm

Pmw3100 Firmware by Qualcomm

Pmx50 Firmware by Qualcomm

Pmx55 Firmware by Qualcomm

Qat3518 Firmware by Qualcomm

Qat3519 Firmware by Qualcomm

Qat3522 Firmware by Qualcomm

Qat3550 Firmware by Qualcomm

Qat3555 Firmware by Qualcomm

Qat5515 Firmware by Qualcomm

Qat5516 Firmware by Qualcomm

Qbt1500 Firmware by Qualcomm

Qbt2000 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6564 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Qdm2301 Firmware by Qualcomm

Qdm2302 Firmware by Qualcomm

Qet4101 Firmware by Qualcomm

Qet5100 Firmware by Qualcomm

Qpa4360 Firmware by Qualcomm

Qpa4361 Firmware by Qualcomm

Qpa5460 Firmware by Qualcomm

Qpa6560 Firmware by Qualcomm

Qsw6310 Firmware by Qualcomm

Qsw8573 Firmware by Qualcomm

Qsw8574 Firmware by Qualcomm

Qtc410s Firmware by Qualcomm

Qtc800h Firmware by Qualcomm

Qtc800s Firmware by Qualcomm