CVE-2020-11164

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Description The issue is related to improper access control in Perfdump, which may allow third-party apps to call broadcasts and cause a privilege escalation issue. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.