Lucene search

[email protected]CVE-2020-3638

HistoryNov 02, 2020 - 7:15 a.m.

CVE-2020-3638

2020-11-0207:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2020-3638

information security

database

access control

snapdragon

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.7%

JSON

u’An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, QCA6390, QCS404, QCS610, Rennell, SA515M, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CPENameOperatorVersion
qualcomm:agatti_firmwarequalcomm agatti firmwareeq-
qualcomm:bitra_firmwarequalcomm bitra firmwareeq-
qualcomm:kamorta_firmwarequalcomm kamorta firmwareeq-
qualcomm:qca6390_firmwarequalcomm qca6390 firmwareeq-
qualcomm:qcs404_firmwarequalcomm qcs404 firmwareeq-
qualcomm:qcs610_firmwarequalcomm qcs610 firmwareeq-
qualcomm:rennell_firmwarequalcomm rennell firmwareeq-
qualcomm:sa515m_firmwarequalcomm sa515m firmwareeq-
qualcomm:sc7180_firmwarequalcomm sc7180 firmwareeq-
qualcomm:sc8180x_firmwarequalcomm sc8180x firmwareeq-

CPE	Name	Operator	Version
qualcomm:agatti_firmware	qualcomm agatti firmware	eq	-
qualcomm:bitra_firmware	qualcomm bitra firmware	eq	-
qualcomm:kamorta_firmware	qualcomm kamorta firmware	eq	-
qualcomm:qca6390_firmware	qualcomm qca6390 firmware	eq	-
qualcomm:qcs404_firmware	qualcomm qcs404 firmware	eq	-
qualcomm:qcs610_firmware	qualcomm qcs610 firmware	eq	-
qualcomm:rennell_firmware	qualcomm rennell firmware	eq	-
qualcomm:sa515m_firmware	qualcomm sa515m firmware	eq	-
qualcomm:sc7180_firmware	qualcomm sc7180 firmware	eq	-
qualcomm:sc8180x_firmware	qualcomm sc8180x firmware	eq	-

Rows per page:

1-10 of 161

References

www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.7%

JSON

Related for CVE-2020-3638

prion1