SB2020081028 - Multiple vulnerabilities in Hexagon SDK in Qualcomm Snapdragon chips
Published: August 10, 2020 Updated: November 11, 2020
Security Bulletin ID
SB2020081028
Severity
Low
Patch available
NO
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: N/A)
Multiple vulnerabilities have been reported in Hexagon DSP SDK, used by multiple phones.
Disclosed vulnerabilities may allow an attacker to install backdoors on the affected devices and perform other unauthorized actions.
The following CVEs were assigned to these issues: CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.