CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 1, 2022
CVE-2020-11261
Description
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
EPSS — Exploit Probability
Higher than 78.2% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2020-11261
Risk Assessment
ELEVATEDDetails
- Severity
- High
- EPSS
- 1.1%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
Dec 1, 2021
Added to KEV
Dec 1, 2021
Remediation Due
Jun 1, 2022
Affected Product
Qualcomm
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
View all Qualcomm CVEs