CVE-2020-11210

Q: What is the severity of CVE-2020-11210?

CVE-2020-11210 has a CVSS score of 9.3 (CRITICAL). This vulnerability allows memory corruption in the RPM region due to improper XPU configuration in Qualcomm Snapdragon chipsets. It affects devices using Snapdragon Connectivity, Industrial IOT, Mobile, and Wired Infrastructure and Networking chips. Successful exploitation could lead to arbitrary code execution or system compromise.

9.3 CRITICAL

📋 TL;DR

This vulnerability allows memory corruption in the RPM region due to improper XPU configuration in Qualcomm Snapdragon chipsets. It affects devices using Snapdragon Connectivity, Industrial IOT, Mobile, and Wired Infrastructure and Networking chips. Successful exploitation could lead to arbitrary code execution or system compromise.

💻 Affected Systems

Products:

Snapdragon Connectivity
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Wired Infrastructure and Networking

Versions: Specific chipset versions not detailed in public advisory

Operating Systems: Android, Embedded Linux, Other Qualcomm-based systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Qualcomm chipsets across multiple product lines; exact chip models not specified in public bulletin.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing remote code execution, privilege escalation, and persistent access to affected systems.

🟠

Likely Case

System instability, crashes, or denial of service leading to device malfunction.

🟢

If Mitigated

Limited impact with proper memory protection mechanisms and security controls in place.

🌐 Internet-Facing: HIGH - Affects mobile and IoT devices often directly exposed to networks.

🏢 Internal Only: MEDIUM - Internal devices could be exploited through lateral movement or malicious apps.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Memory corruption vulnerabilities typically require specific conditions to exploit but can be leveraged by malicious applications or network attacks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm April 2021 security bulletin for specific chipset updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates 2. Apply Qualcomm-provided patches 3. Update device firmware 4. Reboot device

🔧 Temporary Workarounds

Application Sandboxing

all

Restrict application permissions and isolate untrusted applications

Network Segmentation

all

Isolate affected devices from critical networks

🧯 If You Can't Patch

Isolate affected devices in separate network segments
Implement strict application whitelisting and permission controls

🔍 How to Verify

Check if Vulnerable:

Check device chipset information and compare with Qualcomm's affected products list

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: 'getprop ro.bootloader' or 'cat /proc/cpuinfo')

Verify Fix Applied:

Verify firmware version matches patched versions from device manufacturer

📡 Detection & Monitoring

Log Indicators:

Kernel panics
Memory corruption errors
Unexpected system reboots

Network Indicators:

Unusual outbound connections from embedded devices
Anomalous traffic patterns

SIEM Query:

Device logs showing memory access violations or kernel crashes

📊 Metadata

CVE ID: CVE-2020-11210

CVSS v3 Score: 9.3 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-787

Published: April 7, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Pm4125 Firmware by Qualcomm

Pm4250 Firmware by Qualcomm

Pm6125 Firmware by Qualcomm

Pm6150a Firmware by Qualcomm

Pm6150l Firmware by Qualcomm

Pm6350 Firmware by Qualcomm

Pm7250b Firmware by Qualcomm

Pm8008 Firmware by Qualcomm

Pmd9655 Firmware by Qualcomm

Pmi632 Firmware by Qualcomm

Pmk8003 Firmware by Qualcomm

Qat3519 Firmware by Qualcomm

Qat3522 Firmware by Qualcomm

Qat3555 Firmware by Qualcomm

Qat5515 Firmware by Qualcomm

Qat5516 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qdm2301 Firmware by Qualcomm

Qdm2302 Firmware by Qualcomm

Qet4101 Firmware by Qualcomm

Qet6105 Firmware by Qualcomm

Qpa4360 Firmware by Qualcomm

Qpa4361 Firmware by Qualcomm

Qpa6560 Firmware by Qualcomm

Qpa8673 Firmware by Qualcomm

Qsw6310 Firmware by Qualcomm

Qsw8573 Firmware by Qualcomm

Qsw8574 Firmware by Qualcomm

Qtc410s Firmware by Qualcomm

Qtm525 Firmware by Qualcomm

Sd460 Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd662 Firmware by Qualcomm

Sd665 Firmware by Qualcomm

Sdr425 Firmware by Qualcomm

Sdr660 Firmware by Qualcomm

Sdr735 Firmware by Qualcomm

Sdr735g Firmware by Qualcomm

Sm4125 Firmware by Qualcomm

Smb1351 Firmware by Qualcomm

Smb1354 Firmware by Qualcomm

Smb1355 Firmware by Qualcomm

Smb1396 Firmware by Qualcomm

Smr526 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3910 Firmware by Qualcomm

Wcn3950 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wcn3991 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn3999 Firmware by Qualcomm

Wcn6850 Firmware by Qualcomm

Wgr7640 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wtr2965 Firmware by Qualcomm

Wtr3925 Firmware by Qualcomm