← Voltar para CVEs
CVE-2020-3675
CRITICAL9.8
Descricao
u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ5018, IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCN7605, QCS404, QCS405, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado9/8/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
qualcomm:ipq5018qualcomm:ipq5018_firmwarequalcomm:ipq6018qualcomm:ipq6018_firmwarequalcomm:ipq8074qualcomm:ipq8074_firmwarequalcomm:kamortaqualcomm:kamorta_firmwarequalcomm:nicobarqualcomm:nicobar_firmwarequalcomm:qca6390qualcomm:qca6390_firmwarequalcomm:qcn7605qualcomm:qcn7605_firmwarequalcomm:qcs404qualcomm:qcs404_firmwarequalcomm:qcs405qualcomm:qcs405_firmwarequalcomm:rennellqualcomm:rennell_firmwarequalcomm:sa415mqualcomm:sa415m_firmwarequalcomm:saipanqualcomm:saipan_firmwarequalcomm:sc7180qualcomm:sc7180_firmwarequalcomm:sc8180xqualcomm:sc8180x_firmwarequalcomm:sdx55qualcomm:sdx55_firmwarequalcomm:sm6150qualcomm:sm6150_firmwarequalcomm:sm7150qualcomm:sm7150_firmwarequalcomm:sm8150qualcomm:sm8150_firmwarequalcomm:sm8250qualcomm:sm8250_firmware
Fraquezas (CWE)
CWE-191
Referencias
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.