Lucene search

[email protected]NVD:CVE-2020-3694

HistoryNov 02, 2020 - 7:15 a.m.

CVE-2020-3694

2020-11-0207:15:15

[email protected]

web.nvd.nist.gov

buffer range check

qseecom

snapdragon

bitra

nicobar

saipan

sm6150

sm8150

sm8250

sxr2130

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

u’Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130

Affected configurations

Nvd

Node

qualcommbitra_firmwareMatch-

AND

qualcommbitraMatch-

Node

qualcommnicobar_firmwareMatch-

AND

qualcommnicobarMatch-

Node

qualcommsaipan_firmwareMatch-

AND

qualcommsaipanMatch-

Node

qualcommsm6150_firmwareMatch-

AND

qualcommsm6150Match-

Node

qualcommsm8150_firmwareMatch-

AND

qualcommsm8150Match-

Node

qualcommsm8250_firmwareMatch-

AND

qualcommsm8250Match-

Node

qualcommsxr2130_firmwareMatch-

AND

qualcommsxr2130Match-

VendorProductVersionCPE
qualcommbitra_firmware-cpe:2.3:o:qualcomm:bitra_firmware:-:*:*:*:*:*:*:*
qualcommbitra-cpe:2.3:h:qualcomm:bitra:-:*:*:*:*:*:*:*
qualcommnicobar_firmware-cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*
qualcommnicobar-cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*
qualcommsaipan_firmware-cpe:2.3:o:qualcomm:saipan_firmware:-:*:*:*:*:*:*:*
qualcommsaipan-cpe:2.3:h:qualcomm:saipan:-:*:*:*:*:*:*:*
qualcommsm6150_firmware-cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*
qualcommsm6150-cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*
qualcommsm8150_firmware-cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*
qualcommsm8150-cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	bitra_firmware	-	cpe:2.3:o:qualcomm:bitra_firmware:-:::::::*
qualcomm	bitra	-	cpe:2.3:h:qualcomm:bitra:-:::::::*
qualcomm	nicobar_firmware	-	cpe:2.3:o:qualcomm:nicobar_firmware:-:::::::*
qualcomm	nicobar	-	cpe:2.3:h:qualcomm:nicobar:-:::::::*
qualcomm	saipan_firmware	-	cpe:2.3:o:qualcomm:saipan_firmware:-:::::::*
qualcomm	saipan	-	cpe:2.3:h:qualcomm:saipan:-:::::::*
qualcomm	sm6150_firmware	-	cpe:2.3:o:qualcomm:sm6150_firmware:-:::::::*
qualcomm	sm6150	-	cpe:2.3:h:qualcomm:sm6150:-:::::::*
qualcomm	sm8150_firmware	-	cpe:2.3:o:qualcomm:sm8150_firmware:-:::::::*
qualcomm	sm8150	-	cpe:2.3:h:qualcomm:sm8150:-:::::::*

Rows per page:

1-10 of 141

References

www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2020-3694

prion1 cvelist1 cve1