Stack Canary Information Exposure Vulnerability in Multiple Snapdragon Platforms

Stack Canary Information Exposure Vulnerability in Multiple Snapdragon Platforms

CVE-2020-11199 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Learn more about our Industrial Pen Testing.