Multiple vulnerabilities in Qualcomm Chipsets
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2020-3700 CVE-2019-10580 CVE-2020-3701 CVE-2020-3688 CVE-2020-3671 CVE-2020-3698 CVE-2020-3699 |
| CWE-ID | CWE-125 CWE-416 CWE-787 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
APQ8053 Hardware solutions / Firmware QCA9980 Hardware solutions / Firmware QCA9558 Hardware solutions / Firmware QCA9531 Hardware solutions / Firmware IPQ8074 Hardware solutions / Firmware IPQ8064 Hardware solutions / Firmware IPQ4019 Hardware solutions / Firmware SXR2130 Hardware solutions / Firmware SM8250 Hardware solutions / Firmware SM8150 Hardware solutions / Firmware SDX55 Hardware solutions / Firmware SDM439 Hardware solutions / Firmware SC8180X Hardware solutions / Firmware QCA6574AU Hardware solutions / Firmware MSM8996AU Hardware solutions / Firmware MSM8909W Hardware solutions / Firmware MDM9607 Hardware solutions / Firmware APQ8096AU Hardware solutions / Firmware SDM429W Hardware solutions / Firmware Saipan Hardware solutions / Firmware QCS605 Hardware solutions / Firmware QCS405 Hardware solutions / Firmware QCM2150 Hardware solutions / Firmware Nicobar Hardware solutions / Firmware APQ8009 Hardware solutions / Firmware APQ8098 Hardware solutions / Firmware APQ8017 Hardware solutions / Firmware Kamorta Hardware solutions / Firmware MSM8953 Hardware solutions / Firmware MSM8940 Hardware solutions / Firmware MSM8937 Hardware solutions / Firmware MSM8920 Hardware solutions / Firmware MSM8917 Hardware solutions / Firmware MSM8905 Hardware solutions / Firmware MDM9207C Hardware solutions / Firmware MDM9206 Hardware solutions / Firmware MSM8996 Hardware solutions / Firmware MSM8998 Hardware solutions / Firmware QM215 Hardware solutions / Firmware SXR1130 Hardware solutions / Firmware SDM710 Hardware solutions / Firmware SDM670 Hardware solutions / Firmware SDA660 Hardware solutions / Firmware Rennell Hardware solutions / Firmware SM7150 Hardware solutions / Firmware SM6150 Hardware solutions / Firmware SDX20 Hardware solutions / Firmware SDM845 Hardware solutions / Firmware SDM660 Hardware solutions / Firmware SDM636 Hardware solutions / Firmware SDM632 Hardware solutions / Firmware SDM630 Hardware solutions / Firmware SDM450 Hardware solutions / Firmware SDM429 Hardware solutions / Firmware SDA845 Hardware solutions / Firmware SA6155P Hardware solutions / Firmware QCN7605 Hardware solutions / Firmware QCA9379 Hardware solutions / Firmware QCA9377 Hardware solutions / Firmware QCA6174A Hardware solutions / Firmware MDM9650 Hardware solutions / Firmware MDM9150 Hardware solutions / Firmware MDM9640 Hardware solutions / Firmware |
| Vendor | Qualcomm |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU29647
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-3700
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in WIN WLAN Host. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAPQ8053: All versions
QCA9980: All versions
QCA9558: All versions
QCA9531: All versions
IPQ8074: All versions
IPQ8064: All versions
IPQ4019: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX55: All versions
SDM439: All versions
SC8180X: All versions
QCA6574AU: All versions
MSM8996AU: All versions
MSM8909W: All versions
MDM9607: All versions
APQ8096AU: All versions
CPE2.3- cpe:2.3:h:qualcomm:apq8053:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9980:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9558:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9531:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:ipq8074:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:ipq8064:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:ipq4019:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx55:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm439:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sc8180x:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8996au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8909w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9607:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8096au:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
http://source.codeaurora.org/quic/la/platform/external/wpa_supplicant_8/commit?id=c8d215c57c049ed7015ded342ebaaef21b438425
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU29648
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-10580
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in HLOS. A local attacker can gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMDM9607: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX55: All versions
SDM429W: All versions
SC8180X: All versions
Saipan: All versions
QCS605: All versions
QCS405: All versions
QCM2150: All versions
Nicobar: All versions
MSM8909W: All versions
CPE2.3- cpe:2.3:h:qualcomm:mdm9607:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx55:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sc8180x:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs405:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcm2150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:nicobar:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8909w:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
http://source.codeaurora.org/quic/la/kernel/msm-4.14/commit/?id=a215c96a48843a731efc084d25c680c1cdb3bde2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU29650
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-3701
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in Camera Driver. A remote attacker can gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSaipan: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU29651
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-3688
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Video while parsing mp4 clip with corrupted sample atoms. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8098: All versions
APQ8096AU: All versions
APQ8053: All versions
APQ8017: All versions
Kamorta: All versions
MSM8953: All versions
MSM8940: All versions
MSM8937: All versions
MSM8920: All versions
MSM8917: All versions
MSM8909W: All versions
MSM8905: All versions
MDM9607: All versions
MDM9207C: All versions
MDM9206: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
QM215: All versions
QCS605: All versions
QCS405: All versions
QCM2150: All versions
QCA6574AU: All versions
Nicobar: All versions
SXR1130: All versions
SDM710: All versions
SDM670: All versions
SDA660: All versions
Rennell: All versions
SM7150: All versions
SM6150: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX20: All versions
SDM845: All versions
SDM660: All versions
SDM636: All versions
SDM632: All versions
SDM630: All versions
SDM450: All versions
SDM439: All versions
SDM429W: All versions
SDM429: All versions
SDA845: All versions
Saipan: All versions
SA6155P: All versions
CPE2.3- cpe:2.3:h:qualcomm:apq8009:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8098:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8096au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8053:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8017:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:kamorta:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8953:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8940:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8937:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8920:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8917:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8909w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8905:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9607:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9207c:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9206:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8996o:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8996au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8998:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qm215:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs405:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcm2150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:nicobar:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr1130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm710:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm670:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sda660:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:rennell:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm7150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm6150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx20:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm660:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm636:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm632:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm630:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm450:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm439:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sda845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sa6155p:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU29649
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-3671
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in Multimedia when generating a frame buffer in OpenGL ES. A remote attacker can gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAPQ8009: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDM845: All versions
Saipan: All versions
QCS405: All versions
QCM2150: All versions
Nicobar: All versions
CPE2.3- cpe:2.3:h:qualcomm:apq8009:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs405:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcm2150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:nicobar:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU29629
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-3698
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in WLAN Host. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAPQ8009: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX55: All versions
SDX20: All versions
SDM845: All versions
SDM660: All versions
SDM636: All versions
SDM632: All versions
SDM630: All versions
SDM450: All versions
SDM439: All versions
SDM429W: All versions
SDM429: All versions
SDA845: All versions
SC8180X: All versions
Saipan: All versions
SA6155P: All versions
QM215: All versions
QCS605: All versions
QCS405: All versions
QCN7605: All versions
QCM2150: All versions
QCA9379: All versions
QCA9377: All versions
QCA6574AU: All versions
QCA6174A: All versions
Nicobar: All versions
MSM8996AU: All versions
MSM8953: All versions
MSM8940: All versions
MSM8937: All versions
MSM8920: All versions
MSM8917: All versions
MSM8909W: All versions
MSM8905: All versions
MDM9650: All versions
MDM9607: All versions
MDM9207C: All versions
MDM9206: All versions
MDM9150: All versions
APQ8098: All versions
APQ8096AU: All versions
APQ8053: All versions
APQ8017: All versions
CPE2.3- cpe:2.3:h:qualcomm:apq8009:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx55:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx20:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm660:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm636:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm632:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm630:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm450:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm439:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sda845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sc8180x:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sa6155p:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qm215:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs405:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcn7605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcm2150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9379:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9377:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6174a:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:nicobar:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8996au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8953:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8940:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8937:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8920:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8917:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8909w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8905:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9650:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9607:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9207c:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9206:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8098:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8096au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8053:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8017:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
http://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=df541cea94d83533ff8f34a9b8ae77964788b1c7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU29645
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-3699
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WLAN HOST. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAPQ8009: All versions
SM7150: All versions
SM6150: All versions
MDM9640: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX55: All versions
SDX20: All versions
SDM845: All versions
SDM660: All versions
SDM636: All versions
SDM632: All versions
SDM630: All versions
SDM450: All versions
SDM439: All versions
SDM429W: All versions
SDM429: All versions
SDA845: All versions
SC8180X: All versions
Saipan: All versions
SA6155P: All versions
QM215: All versions
QCS605: All versions
QCS405: All versions
QCN7605: All versions
QCM2150: All versions
QCA9379: All versions
QCA9377: All versions
QCA6574AU: All versions
QCA6174A: All versions
Nicobar: All versions
MSM8996AU: All versions
MSM8953: All versions
MSM8940: All versions
MSM8937: All versions
MSM8920: All versions
MSM8917: All versions
MSM8909W: All versions
MSM8905: All versions
MDM9650: All versions
MDM9607: All versions
MDM9207C: All versions
MDM9206: All versions
APQ8096AU: All versions
APQ8053: All versions
APQ8017: All versions
CPE2.3- cpe:2.3:h:qualcomm:apq8009:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm7150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm6150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9640:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8250:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sm8150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx55:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdx20:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm660:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm636:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm632:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm630:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm450:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm439:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sdm429:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sda845:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sc8180x:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:saipan:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:sa6155p:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qm215:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcs405:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcn7605:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qcm2150:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9379:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca9377:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:qca6174a:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:nicobar:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8996au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8953:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8940:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8937:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8920:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8917:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8909w:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:msm8905:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9650:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9607:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9207c:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:mdm9206:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8096au:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8053:*:*:*:*:*:*:*:*
- cpe:2.3:h:qualcomm:apq8017:*:*:*:*:*:*:*:*
http://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
http://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=87baef651fcb908b334c0034e98adde90be848b0
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
