← Zuruck zu CVEs
CVE-2020-3675
CRITICAL9.8
Beschreibung
u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ5018, IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCN7605, QCS404, QCS405, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht9/8/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
qualcomm:ipq5018qualcomm:ipq5018_firmwarequalcomm:ipq6018qualcomm:ipq6018_firmwarequalcomm:ipq8074qualcomm:ipq8074_firmwarequalcomm:kamortaqualcomm:kamorta_firmwarequalcomm:nicobarqualcomm:nicobar_firmwarequalcomm:qca6390qualcomm:qca6390_firmwarequalcomm:qcn7605qualcomm:qcn7605_firmwarequalcomm:qcs404qualcomm:qcs404_firmwarequalcomm:qcs405qualcomm:qcs405_firmwarequalcomm:rennellqualcomm:rennell_firmwarequalcomm:sa415mqualcomm:sa415m_firmwarequalcomm:saipanqualcomm:saipan_firmwarequalcomm:sc7180qualcomm:sc7180_firmwarequalcomm:sc8180xqualcomm:sc8180x_firmwarequalcomm:sdx55qualcomm:sdx55_firmwarequalcomm:sm6150qualcomm:sm6150_firmwarequalcomm:sm7150qualcomm:sm7150_firmwarequalcomm:sm8150qualcomm:sm8150_firmwarequalcomm:sm8250qualcomm:sm8250_firmware
Schwachen (CWE)
CWE-191
Referenzen
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.