CVEs-PoC/2020/CVE-2020-11284.md

### [CVE-2020-11284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11284)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Wired%20Infrastructure%20and%20Networking&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Restriction%20of%20Operation%20Within%20Bounds%20of%20Memory%20Buffer%20in%20QTEE&color=brighgreen)

### Description

Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

#### Github
No PoCs found on GitHub currently.