10

CVE-2020-3667

u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCS404, QCS405, QCS605, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130

Data is provided by the National Vulnerability Database (NVD)
QualcommApq8098 Firmware Version-
   QualcommApq8098 Version-
QualcommIpq5018 Firmware Version-
   QualcommIpq5018 Version-
QualcommIpq6018 Firmware Version-
   QualcommIpq6018 Version-
QualcommIpq8074 Firmware Version-
   QualcommIpq8074 Version-
QualcommKamorta Firmware Version-
   QualcommKamorta Version-
QualcommMsm8998 Firmware Version-
   QualcommMsm8998 Version-
QualcommNicobar Firmware Version-
   QualcommNicobar Version-
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQca8081 Firmware Version-
   QualcommQca8081 Version-
QualcommQcs404 Firmware Version-
   QualcommQcs404 Version-
QualcommQcs405 Firmware Version-
   QualcommQcs405 Version-
QualcommQcs605 Firmware Version-
   QualcommQcs605 Version-
QualcommRennell Firmware Version-
   QualcommRennell Version-
QualcommSa415m Firmware Version-
   QualcommSa415m Version-
QualcommSaipan Firmware Version-
   QualcommSaipan Version-
QualcommSc7180 Firmware Version-
   QualcommSc7180 Version-
QualcommSc8180x Firmware Version-
   QualcommSc8180x Version-
QualcommSda845 Firmware Version-
   QualcommSda845 Version-
QualcommSdm630 Firmware Version-
   QualcommSdm630 Version-
QualcommSdm636 Firmware Version-
   QualcommSdm636 Version-
QualcommSdm660 Firmware Version-
   QualcommSdm660 Version-
QualcommSdm670 Firmware Version-
   QualcommSdm670 Version-
QualcommSdm710 Firmware Version-
   QualcommSdm710 Version-
QualcommSdm845 Firmware Version-
   QualcommSdm845 Version-
QualcommSdm850 Firmware Version-
   QualcommSdm850 Version-
QualcommSm6150 Firmware Version-
   QualcommSm6150 Version-
QualcommSm7150 Firmware Version-
   QualcommSm7150 Version-
QualcommSm8150 Firmware Version-
   QualcommSm8150 Version-
QualcommSm8250 Firmware Version-
   QualcommSm8250 Version-
QualcommSxr1130 Firmware Version-
   QualcommSxr1130 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.27% 0.472
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.