Lucene search

K
nvd[email protected]NVD:CVE-2020-3667
HistorySep 08, 2020 - 10:15 a.m.

CVE-2020-3667

2020-09-0810:15:16
CWE-120
web.nvd.nist.gov
7
buffer overflow
wpa
snapdragon
apq8098
msm8998
qcs605
vulnerability

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

71.2%

u’Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCS404, QCS405, QCS605, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130

Affected configurations

Nvd
Node
qualcommapq8098_firmwareMatch-
AND
qualcommapq8098Match-
Node
qualcommipq5018_firmwareMatch-
AND
qualcommipq5018Match-
Node
qualcommipq6018_firmwareMatch-
AND
qualcommipq6018Match-
Node
qualcommipq8074_firmwareMatch-
AND
qualcommipq8074Match-
Node
qualcommkamorta_firmwareMatch-
AND
qualcommkamortaMatch-
Node
qualcommmsm8998_firmwareMatch-
AND
qualcommmsm8998Match-
Node
qualcommnicobar_firmwareMatch-
AND
qualcommnicobarMatch-
Node
qualcommqca6390_firmwareMatch-
AND
qualcommqca6390Match-
Node
qualcommqca8081_firmwareMatch-
AND
qualcommqca8081Match-
Node
qualcommqcs404_firmwareMatch-
AND
qualcommqcs404Match-
Node
qualcommqcs405_firmwareMatch-
AND
qualcommqcs405Match-
Node
qualcommqcs605_firmwareMatch-
AND
qualcommqcs605Match-
Node
qualcommrennell_firmwareMatch-
AND
qualcommrennellMatch-
Node
qualcommsa415m_firmwareMatch-
AND
qualcommsa415mMatch-
Node
qualcommsaipan_firmwareMatch-
AND
qualcommsaipanMatch-
Node
qualcommsc7180_firmwareMatch-
AND
qualcommsc7180Match-
Node
qualcommsc8180x_firmwareMatch-
AND
qualcommsc8180xMatch-
Node
qualcommsda845_firmwareMatch-
AND
qualcommsda845Match-
Node
qualcommsdm630_firmwareMatch-
AND
qualcommsdm630Match-
Node
qualcommsdm636_firmwareMatch-
AND
qualcommsdm636Match-
Node
qualcommsdm660_firmwareMatch-
AND
qualcommsdm660Match-
Node
qualcommsdm670_firmwareMatch-
AND
qualcommsdm670Match-
Node
qualcommsdm710_firmwareMatch-
AND
qualcommsdm710Match-
Node
qualcommsdm845_firmwareMatch-
AND
qualcommsdm845Match-
Node
qualcommsdm850_firmwareMatch-
AND
qualcommsdm850Match-
Node
qualcommsm6150_firmwareMatch-
AND
qualcommsm6150Match-
Node
qualcommsm7150_firmwareMatch-
AND
qualcommsm7150Match-
Node
qualcommsm8150_firmwareMatch-
AND
qualcommsm8150Match-
Node
qualcommsm8250_firmwareMatch-
AND
qualcommsm8250Match-
Node
qualcommsxr1130_firmwareMatch-
AND
qualcommsxr1130Match-
VendorProductVersionCPE
qualcommapq8098_firmware-cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
qualcommapq8098-cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
qualcommipq5018_firmware-cpe:2.3:o:qualcomm:ipq5018_firmware:-:*:*:*:*:*:*:*
qualcommipq5018-cpe:2.3:h:qualcomm:ipq5018:-:*:*:*:*:*:*:*
qualcommipq6018_firmware-cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
qualcommipq6018-cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*
qualcommipq8074_firmware-cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
qualcommipq8074-cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
qualcommkamorta_firmware-cpe:2.3:o:qualcomm:kamorta_firmware:-:*:*:*:*:*:*:*
qualcommkamorta-cpe:2.3:h:qualcomm:kamorta:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 601

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

71.2%

Related for NVD:CVE-2020-3667