Main Vulnerability Database Vulnerabilities #VU42590

Input validation error in Hexagon SDK - #VU42590

Published: August 10, 2020

Vulnerability identifier: #VU42590

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Hexagon SDK

Software vendor:
Qualcomm

Description

Multiple vulnerabilities have been reported in Hexagon DSP SDK, used by multiple phones.

Disclosed vulnerabilities may allow an attacker to install backdoors on the affected devices and perform other unauthorized actions.

The following CVEs were assigned to these issues: CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.