Lucene search

QualcommCVE-2020-3687

HistoryJan 21, 2021 - 10:15 a.m.

CVE-2020-3687

2021-01-2110:15:15

CWE-200

qualcomm

web.nvd.nist.gov

cve-2020-3687

local privilege escalation

windows

admin services

arbitrary read issue

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue.

Affected configurations

Nvd

Node

qualcommqualcommMatch-

VendorProductVersionCPE
qualcommqualcomm-cpe:2.3:h:qualcomm:qualcomm:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	qualcomm	-	cpe:2.3:h:qualcomm:qualcomm:-:::::::*

CNA Affected

[
  {
    "product": "unspecified",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Social References

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2020-3687