Lucene search

[email protected]CVE-2020-3684

HistoryNov 02, 2020 - 7:15 a.m.

CVE-2020-3684

2020-11-0207:15:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2020-3684

qsee

smem toc

snapdragon

security vulnerability

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.7%

JSON

u’QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CPENameOperatorVersion
qualcomm:agatti_firmwarequalcomm agatti firmwareeq-
qualcomm:apq8009_firmwarequalcomm apq8009 firmwareeq-
qualcomm:apq8098_firmwarequalcomm apq8098 firmwareeq-
qualcomm:bitra_firmwarequalcomm bitra firmwareeq-
qualcomm:ipq6018_firmwarequalcomm ipq6018 firmwareeq-
qualcomm:kamorta_firmwarequalcomm kamorta firmwareeq-
qualcomm:mdm9150_firmwarequalcomm mdm9150 firmwareeq-
qualcomm:mdm9205_firmwarequalcomm mdm9205 firmwareeq-
qualcomm:mdm9206_firmwarequalcomm mdm9206 firmwareeq-
qualcomm:mdm9607_firmwarequalcomm mdm9607 firmwareeq-

CPE	Name	Operator	Version
qualcomm:agatti_firmware	qualcomm agatti firmware	eq	-
qualcomm:apq8009_firmware	qualcomm apq8009 firmware	eq	-
qualcomm:apq8098_firmware	qualcomm apq8098 firmware	eq	-
qualcomm:bitra_firmware	qualcomm bitra firmware	eq	-
qualcomm:ipq6018_firmware	qualcomm ipq6018 firmware	eq	-
qualcomm:kamorta_firmware	qualcomm kamorta firmware	eq	-
qualcomm:mdm9150_firmware	qualcomm mdm9150 firmware	eq	-
qualcomm:mdm9205_firmware	qualcomm mdm9205 firmware	eq	-
qualcomm:mdm9206_firmware	qualcomm mdm9206 firmware	eq	-
qualcomm:mdm9607_firmware	qualcomm mdm9607 firmware	eq	-

Rows per page:

1-10 of 451

References

www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.7%

JSON

Related for CVE-2020-3684

prion1