CVE-2020-11284

Q: What is the severity of CVE-2020-11284?

CVE-2020-11284 has a CVSS score of 8.4 (HIGH). This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should remain locked, making them untrusted sources for secure boot loaders. This affects Qualcomm Snapdragon processors in automotive, compute, industrial IoT, mobile, and wired infrastructure/networking devices. Attackers could potentially bypass secure boot protections.

8.4 HIGH

📋 TL;DR

This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should remain locked, making them untrusted sources for secure boot loaders. This affects Qualcomm Snapdragon processors in automotive, compute, industrial IoT, mobile, and wired infrastructure/networking devices. Attackers could potentially bypass secure boot protections.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Wired Infrastructure and Networking

Versions: Specific chipset versions not specified in bulletin

Operating Systems: Android-based systems and embedded OS using affected Snapdragon chips

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using vulnerable Snapdragon chipsets; exact device models depend on manufacturer implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of secure boot chain allowing persistent malware installation, device takeover, and bypass of hardware security features.

🟠

Likely Case

Boot integrity compromise allowing unauthorized code execution during boot process, potentially leading to device control or data theft.

🟢

If Mitigated

Limited impact if secure boot is properly implemented with additional integrity checks and memory protection mechanisms.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires physical access or privileged software access to manipulate boot sequence.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm May 2021 security bulletin for specific chipset patches

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches for affected chipsets. 3. Update device firmware through manufacturer channels.

🔧 Temporary Workarounds

Secure Boot Configuration

all

Ensure secure boot is properly configured and enabled with all available security features

Physical Security Controls

all

Implement strict physical access controls to prevent unauthorized boot manipulation

🧯 If You Can't Patch

Isolate affected devices from critical networks and sensitive data
Implement additional integrity monitoring and anomaly detection for boot processes

🔍 How to Verify

Check if Vulnerable:

Check device specifications against Qualcomm's affected chipset list and verify firmware version

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: getprop ro.bootloader)

Verify Fix Applied:

Verify firmware version includes May 2021 or later security patches from Qualcomm

📡 Detection & Monitoring

Log Indicators:

Boot integrity failures
Secure boot validation errors
Unexpected bootloader behavior

Network Indicators:

Unusual device behavior post-boot
Anomalous system calls during boot process

SIEM Query:

Search for boot-related security events and integrity check failures in device logs

📊 Metadata

CVE ID: CVE-2020-11284

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-667

Published: May 7, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Pm3003a Firmware by Qualcomm

Pm4125 Firmware by Qualcomm

Pm4250 Firmware by Qualcomm

Pm6125 Firmware by Qualcomm

Pm6150 Firmware by Qualcomm

Pm6150a Firmware by Qualcomm

Pm6150l Firmware by Qualcomm

Pm6350 Firmware by Qualcomm

Pm640a Firmware by Qualcomm

Pm640l Firmware by Qualcomm

Pm640p Firmware by Qualcomm

Pm7250b Firmware by Qualcomm

Pm8004 Firmware by Qualcomm

Pm8005 Firmware by Qualcomm

Pm8008 Firmware by Qualcomm

Pm8009 Firmware by Qualcomm

Pm8150a Firmware by Qualcomm

Pm8150b Firmware by Qualcomm

Pm8150c Firmware by Qualcomm

Pm8150l Firmware by Qualcomm

Pm8250 Firmware by Qualcomm

Pm8350 Firmware by Qualcomm

Pm855 Firmware by Qualcomm

Pm855b Firmware by Qualcomm

Pm855l Firmware by Qualcomm

Pm855p Firmware by Qualcomm

Pm8998 Firmware by Qualcomm

Pmd9655 Firmware by Qualcomm

Pmi632 Firmware by Qualcomm

Pmi8998 Firmware by Qualcomm

Pmk8002 Firmware by Qualcomm

Pmk8003 Firmware by Qualcomm

Pmm8195au Firmware by Qualcomm

Pmm855au Firmware by Qualcomm

Pmr525 Firmware by Qualcomm

Pmx24 Firmware by Qualcomm

Pmx55 Firmware by Qualcomm

Qat3522 Firmware by Qualcomm

Qat3550 Firmware by Qualcomm

Qbt1500 Firmware by Qualcomm

Qbt2000 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qet4101 Firmware by Qualcomm

Qet5100 Firmware by Qualcomm

Qet6100 Firmware by Qualcomm

Qet6105 Firmware by Qualcomm

Qfs2530 Firmware by Qualcomm

Qfs2580 Firmware by Qualcomm

Qpa4360 Firmware by Qualcomm

Qpa5460 Firmware by Qualcomm

Qpa6560 Firmware by Qualcomm

Qsw8574 Firmware by Qualcomm

Qtc410s Firmware by Qualcomm

Qtc800h Firmware by Qualcomm

Qtc800s Firmware by Qualcomm

Qtc801s Firmware by Qualcomm

Qtm525 Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sd460 Firmware by Qualcomm