7.8
CVE-2020-3632
- EPSS 0.03%
- Published 12.11.2020 10:15:13
- Last modified 21.11.2024 05:31:26
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Qsm8350 Firmware Version-
Qualcomm ≫ Sc7180 Firmware Version-
Qualcomm ≫ Sdx55 Firmware Version-
Qualcomm ≫ Sdx55m Firmware Version-
Qualcomm ≫ Sm6150 Firmware Version-
Qualcomm ≫ Sm6250 Firmware Version-
Qualcomm ≫ Sm6250p Firmware Version-
Qualcomm ≫ Sm7125 Firmware Version-
Qualcomm ≫ Sm7150 Firmware Version-
Qualcomm ≫ Sm7150p Firmware Version-
Qualcomm ≫ Sm7250 Firmware Version-
Qualcomm ≫ Sm7250p Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sm8150p Firmware Version-
Qualcomm ≫ Sm8250 Firmware Version-
Qualcomm ≫ Sm8350 Firmware Version-
Qualcomm ≫ Sm8350p Firmware Version-
Qualcomm ≫ Sxr2130 Firmware Version-
Qualcomm ≫ Sxr2130p Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.06 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.