CVEs-PoC/2020/CVE-2020-11288.md

### [CVE-2020-11288](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11288)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Voice%20%26%20Music&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Restriction%20of%20Operation%20Within%20Bounds%20of%20Memory%20Buffer%20in%20Content%20Protection&color=brighgreen)

### Description

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

#### Github
No PoCs found on GitHub currently.