CVE-2020-11262

Q: What is the severity of CVE-2020-11262?

CVE-2020-11262 has a CVSS score of 7.0 (HIGH). This is a use-after-free vulnerability in Qualcomm Snapdragon chipsets where a race condition between command submission and context destruction can lead to memory corruption. It affects devices using Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and Wearables chips. Attackers could potentially execute arbitrary code or cause denial of service.

7.0 HIGH

📋 TL;DR

This is a use-after-free vulnerability in Qualcomm Snapdragon chipsets where a race condition between command submission and context destruction can lead to memory corruption. It affects devices using Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and Wearables chips. Attackers could potentially execute arbitrary code or cause denial of service.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wearables

Versions: Specific chipset versions not detailed in bulletin - check Qualcomm advisory for exact affected versions.

Operating Systems: Android, Linux-based embedded systems, QNX, Other embedded OS using Snapdragon chips

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm chipset firmware. Exact device models depend on manufacturer implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Local privilege escalation, denial of service, or application crashes.

🟢

If Mitigated

Limited impact due to exploit complexity and memory corruption mitigations like ASLR.

🌐 Internet-Facing: MEDIUM - Requires local access or exploitation through malicious apps, but could be chained with other vulnerabilities.

🏢 Internal Only: HIGH - Local attackers or malicious apps could exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Race condition exploitation requires precise timing and local access. No public exploits known as of advisory publication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check device manufacturer for specific firmware updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through OEM firmware updates. 3. Reboot device after update installation.

🔧 Temporary Workarounds

No direct workaround

all

This is a firmware-level vulnerability requiring chipset vendor patches.

🧯 If You Can't Patch

Isolate affected devices from untrusted networks and users
Implement strict application control to prevent malicious app installation

🔍 How to Verify

Check if Vulnerable:

Check device chipset model and firmware version against manufacturer security bulletins.

Check Version:

Device-specific: On Android: 'getprop ro.bootloader' or check Settings > About Phone

Verify Fix Applied:

Verify firmware version has been updated to a version after January 2021 Qualcomm security patches.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Unexpected process crashes
Memory corruption error messages

Network Indicators:

Unusual outbound connections from system processes

SIEM Query:

Process: (crash OR panic) AND Source: kernel AND Device: (Qualcomm OR Snapdragon)

📊 Metadata

CVE ID: CVE-2020-11262

CVSS v3 Score: 7.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-362

Published: June 9, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin Patch,Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009 Firmware by Qualcomm

Apq8009w Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8053 Firmware by Qualcomm

Apq8064au Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Ar8151 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fsm10055 Firmware by Qualcomm

Fsm10056 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8917 Firmware by Qualcomm

Msm8953 Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Pm215 Firmware by Qualcomm

Pm3003a Firmware by Qualcomm

Pm4125 Firmware by Qualcomm

Pm439 Firmware by Qualcomm

Pm456 Firmware by Qualcomm

Pm6125 Firmware by Qualcomm

Pm6150 Firmware by Qualcomm

Pm6150a Firmware by Qualcomm

Pm6150l Firmware by Qualcomm

Pm6250 Firmware by Qualcomm

Pm6350 Firmware by Qualcomm

Pm640a Firmware by Qualcomm

Pm640l Firmware by Qualcomm

Pm640p Firmware by Qualcomm

Pm660 Firmware by Qualcomm

Pm660a Firmware by Qualcomm

Pm660l Firmware by Qualcomm

Pm670 Firmware by Qualcomm

Pm670a Firmware by Qualcomm

Pm670l Firmware by Qualcomm

Pm7150a Firmware by Qualcomm

Pm7150l Firmware by Qualcomm

Pm7250 Firmware by Qualcomm

Pm7250b Firmware by Qualcomm

Pm7350c Firmware by Qualcomm

Pm8004 Firmware by Qualcomm

Pm8005 Firmware by Qualcomm

Pm8008 Firmware by Qualcomm

Pm8009 Firmware by Qualcomm

Pm8150 Firmware by Qualcomm

Pm8150a Firmware by Qualcomm

Pm8150b Firmware by Qualcomm

Pm8150c Firmware by Qualcomm

Pm8150l Firmware by Qualcomm

Pm8250 Firmware by Qualcomm

Pm8350 Firmware by Qualcomm

Pm8350b Firmware by Qualcomm

Pm8350bh Firmware by Qualcomm

Pm8350bhs Firmware by Qualcomm

Pm8350c Firmware by Qualcomm

Pm855 Firmware by Qualcomm

Pm855a Firmware by Qualcomm

Pm855b Firmware by Qualcomm

Pm855l Firmware by Qualcomm

Pm855p Firmware by Qualcomm

Pm8909 Firmware by Qualcomm

Pm8916 Firmware by Qualcomm

Pm8937 Firmware by Qualcomm

Pm8953 Firmware by Qualcomm

Pm8998 Firmware by Qualcomm

Pmc1000h Firmware by Qualcomm

Pmd9607 Firmware by Qualcomm

Pmd9655 Firmware by Qualcomm

Pme605 Firmware by Qualcomm

Pmi632 Firmware by Qualcomm

Pmi8937 Firmware by Qualcomm