CVE-2020-11214

7.5 HIGH

📋 TL;DR

This vulnerability is a buffer over-read in Qualcomm Snapdragon firmware when processing NDL attributes with unexpected length. It allows reading beyond allocated memory boundaries, potentially exposing sensitive data or causing crashes. Affected devices include numerous Snapdragon-based products across automotive, mobile, compute, IoT, and networking segments.

💻 Affected Systems

Products:
  • Snapdragon Auto
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer Electronics Connectivity
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon Mobile
  • Snapdragon Voice & Music
  • Snapdragon Wired Infrastructure and Networking
Versions: Specific firmware versions not publicly detailed in advisory; affected by December 2020 security bulletin
Operating Systems: Embedded firmware on Snapdragon chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in firmware handling of NDL attributes; exact affected configurations depend on specific device implementations using vulnerable firmware.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of sensitive firmware data, potential remote code execution if combined with other vulnerabilities, or device crashes leading to denial of service.

🟠 Likely Case

Information disclosure of adjacent memory contents, potentially exposing sensitive data or causing firmware instability and crashes.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls, potentially only causing local crashes without data exposure.

🌐 Internet-Facing: MEDIUM - Exploitation requires sending malformed NDL attributes to affected devices, which may be exposed via network interfaces.
🏢 Internal Only: MEDIUM - Internal attackers with network access to affected devices could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malformed NDL attributes with unexpected length values; specific exploit details not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates included in December 2020 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates.
2. Apply Qualcomm-provided firmware patches.
3. Reboot affected devices.
4. Verify patch installation through version checks.

🔧 Temporary Workarounds

Network segmentation

Isolate affected devices from untrusted networks to limit attack surface

Input validation at application layer

Implement additional validation of NDL attributes before passing to firmware
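
One way to implement this validation before a frame is handed to firmware, as an added example that is not Qualcomm's or any device vendor's code. The advisory does not publish the NDL attribute layout, so the id/length/body framing, the error codes and the per-id minimum sizes below are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ASSUMED layout (hypothetical, not from the advisory):
 * [id: 1 byte][len: 2 bytes, little-endian][body: len bytes], repeated. */
#define ATTR_HDR_LEN 3u
enum { ATTR_ERR_TRUNCATED_HDR = -1, ATTR_ERR_LEN_OVERRUN = -2,
       ATTR_ERR_BODY_TOO_SHORT = -3 };

/* Hypothetical minimum body size per attribute id (constructed values). */
static size_t min_body_len(uint8_t id) { return id == 0x01 ? 4 : 0; }

/* Returns the number of well-formed attributes in buf[0..buf_len), or a
 * negative ATTR_ERR_* code. The whole frame is rejected on the first error. */
int validate_attrs(const uint8_t *buf, size_t buf_len)
{
    size_t off = 0;
    int count = 0;
    while (off < buf_len) {
        size_t remaining = buf_len - off;
        if (remaining < ATTR_HDR_LEN)
            return ATTR_ERR_TRUNCATED_HDR;
        size_t len = (size_t)buf[off + 1] | ((size_t)buf[off + 2] << 8);
        /* Compare against the bytes actually received; off + len is never
         * formed before this check, so it cannot wrap or run past buf. */
        if (len > remaining - ATTR_HDR_LEN)
            return ATTR_ERR_LEN_OVERRUN;
        /* A length that fits the frame can still be too short for this id. */
        if (len < min_body_len(buf[off]))
            return ATTR_ERR_BODY_TOO_SHORT;
        off += ATTR_HDR_LEN + len;
        count++;
    }
    return count;
}

/* Constructed sample frames. */
static const uint8_t FRAME_OK[] = {0x01, 0x04, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0x02, 0x00, 0x00};
static const uint8_t FRAME_OVERRUN[] = {0x02, 0xFF, 0x00, 0x11, 0x22};
static const uint8_t FRAME_SHORT_HDR[] = {0x02, 0x01, 0x00, 0x11, 0x02, 0x00};
static const uint8_t FRAME_SHORT_BODY[] = {0x01, 0x02, 0x00, 0x11, 0x22};

int main(void)
{
    printf("%d %d\n", validate_attrs(FRAME_OK, sizeof FRAME_OK),
           validate_attrs(FRAME_OVERRUN, sizeof FRAME_OVERRUN));
    return 0;
}
```

Rejected frames are worth logging with the returned error code, since a declared length larger than the received data is the malformed-attribute pattern the monitoring guidance on this page refers to.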

🧯 If You Can't Patch

  • Segment affected devices in isolated network zones with strict access controls
  • Monitor network traffic for malformed NDL attribute patterns and implement rate limiting

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm's December 2020 security bulletin; devices with pre-patch firmware are vulnerable

Check Version:

Device-specific commands vary by manufacturer; typically through device management interfaces or manufacturer-specific tools

Verify Fix Applied:

Verify firmware version has been updated to post-December 2020 patches from device manufacturer

📡 Detection & Monitoring

Log Indicators:

  • Firmware crash logs
  • Memory access violation errors
  • Unexpected device reboots

Network Indicators:

  • Unusual NDL attribute traffic patterns
  • Malformed network discovery protocol packets

SIEM Query:

Search for firmware crash events OR memory violation errors on Snapdragon devices
