Lucene search

[email protected]NVD:CVE-2020-3648

HistorySep 08, 2020 - 10:15 a.m.

CVE-2020-3648

2020-09-0810:15:15

CWE-20

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

u’Possible out of bound write in DSP driver code due to lack of check of data received from user’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

Affected configurations

Nvd

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

VendorProductVersionCPE
qualcommmsm8909w_firmware-cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
qualcommmsm8909w-cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	msm8909w_firmware	-	cpe:2.3:o:qualcomm:msm8909w_firmware:-:::::::*
qualcomm	msm8909w	-	cpe:2.3:h:qualcomm:msm8909w:-:::::::*

References

www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2020-3648

prion1 cve1 cvelist1