CVE-2020-11243

Q: What is the severity of CVE-2020-11243?

CVE-2020-11243 has a CVSS score of 7.5 (HIGH). This vulnerability in Qualcomm Snapdragon chipsets allows denial of service attacks when the Radio Resource Control (RRC) incorrectly signals connection establishment success despite validation failures. This affects devices using vulnerable Snapdragon Auto, Compute, Connectivity, and Mobile chipsets, potentially causing service disruption.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in Qualcomm Snapdragon chipsets allows denial of service attacks when the Radio Resource Control (RRC) incorrectly signals connection establishment success despite validation failures. This affects devices using vulnerable Snapdragon Auto, Compute, Connectivity, and Mobile chipsets, potentially causing service disruption.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Mobile

Versions: Specific chipset versions not detailed in bulletin; refer to Qualcomm advisory for exact affected versions.

Operating Systems: Android and other embedded OS using affected Snapdragon chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Snapdragon chipsets; exact device models depend on chipset implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of service on affected devices, rendering them unable to establish network connections or requiring device restart.

🟠

Likely Case

Intermittent service disruption or connection failures on affected devices during specific network handshake scenarios.

🟢

If Mitigated

Minimal impact if patched; unpatched devices remain vulnerable to targeted attacks.

🌐 Internet-Facing: MEDIUM - Requires specific network conditions and targeting of vulnerable devices.

🏢 Internal Only: MEDIUM - Could be exploited internally if attacker has network access to vulnerable devices.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires specific network conditions to trigger the RRC validation failure scenario.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm April 2021 security bulletin for specific patched versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through device firmware updates. 3. Reboot device after update.

🔧 Temporary Workarounds

Network segmentation

all

Isolate vulnerable devices from untrusted networks to reduce attack surface

🧯 If You Can't Patch

Monitor network traffic for abnormal connection establishment patterns
Implement strict network access controls for affected devices

🔍 How to Verify

Check if Vulnerable:

Check device chipset version and compare against Qualcomm's affected list in April 2021 bulletin

Check Version:

Device-specific commands vary; typically check in device settings or use manufacturer diagnostic tools

Verify Fix Applied:

Verify firmware version has been updated to post-April 2021 release from device manufacturer

📡 Detection & Monitoring

Log Indicators:

Multiple RRC connection establishment failures followed by success signals
Unexpected device reboots or network disconnections

Network Indicators:

Abnormal RRC signaling patterns
Repeated connection setup attempts

SIEM Query:

Search for RRC protocol anomalies or device disconnection events in network logs

📊 Metadata

CVE ID: CVE-2020-11243

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-755

Published: April 7, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Fsm10055 Firmware by Qualcomm

Fsm10056 Firmware by Qualcomm

Pm3003a Firmware by Qualcomm

Pm7150a Firmware by Qualcomm

Pm7150l Firmware by Qualcomm

Pm7250 Firmware by Qualcomm

Pm7250b Firmware by Qualcomm

Pm8004 Firmware by Qualcomm

Pm8008 Firmware by Qualcomm

Pm8009 Firmware by Qualcomm

Pm8150 Firmware by Qualcomm

Pm8150a Firmware by Qualcomm

Pm8150b Firmware by Qualcomm

Pm8150c Firmware by Qualcomm

Pm8150l Firmware by Qualcomm

Pm8250 Firmware by Qualcomm

Pm855 Firmware by Qualcomm

Pm855b Firmware by Qualcomm

Pm855l Firmware by Qualcomm

Pm855p Firmware by Qualcomm

Pmc1000h Firmware by Qualcomm

Pmk8002 Firmware by Qualcomm

Pmr525 Firmware by Qualcomm

Pmx50 Firmware by Qualcomm

Pmx55 Firmware by Qualcomm

Qat3516 Firmware by Qualcomm

Qat3518 Firmware by Qualcomm

Qat3519 Firmware by Qualcomm

Qat3555 Firmware by Qualcomm

Qat5515 Firmware by Qualcomm

Qat5522 Firmware by Qualcomm

Qat5533 Firmware by Qualcomm

Qbt2000 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qdm2301 Firmware by Qualcomm

Qdm2305 Firmware by Qualcomm

Qdm3301 Firmware by Qualcomm

Qdm5620 Firmware by Qualcomm

Qdm5621 Firmware by Qualcomm

Qdm5650 Firmware by Qualcomm

Qdm5652 Firmware by Qualcomm

Qdm5670 Firmware by Qualcomm

Qdm5671 Firmware by Qualcomm

Qdm5677 Firmware by Qualcomm

Qdm5679 Firmware by Qualcomm

Qet4101 Firmware by Qualcomm

Qet5100 Firmware by Qualcomm

Qet6110 Firmware by Qualcomm

Qfs2530 Firmware by Qualcomm

Qfs2580 Firmware by Qualcomm

Qln4642 Firmware by Qualcomm

Qln4650 Firmware by Qualcomm

Qln5020 Firmware by Qualcomm

Qln5030 Firmware by Qualcomm

Qln5040 Firmware by Qualcomm

Qpa2625 Firmware by Qualcomm

Qpa5580 Firmware by Qualcomm

Qpa6560 Firmware by Qualcomm

Qpa8673 Firmware by Qualcomm

Qpa8686 Firmware by Qualcomm

Qpa8801 Firmware by Qualcomm

Qpa8802 Firmware by Qualcomm

Qpa8803 Firmware by Qualcomm

Qpa8821 Firmware by Qualcomm

Qpa8842 Firmware by Qualcomm