CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11114
https://notcve.org/view.php?id=CVE-2020-11114
u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in AR9344 Los dispositivos Bluetooth no restringen apropiadamente la longitud de la carga útil L2CAP, permitiendo a usuarios en el radio de alcance causar un desbordamiento del búfer por medio de un paquete Link Layer diseñado (equivalente a CVE-2019-17060, CVE-2019-17061 y CVE-2019-17517 en papel Sweyntooth) en los productos Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music en versión AR9344 • https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25859
https://notcve.org/view.php?id=CVE-2020-25859
The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAP_CLI can be run via sudo or setuid, this also allows elevating privileges to root. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers. La utilidad QCMAP_CLI en la suite de software Qualcomm QCMAP anteriores a las versiones publicadas en octubre de 2020 usa una llamada system() sin comprobar la entrada, mientras maneja una petición de SetGatewayUrl(). • http://vdoo.com/blog/qualcomm-qcmap-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25858
https://notcve.org/view.php?id=CVE-2020-25858
The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the process, causing denial of service. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers. El binario QCMAP_Web_CLIENT en la suite de software Qualcomm QCMAP anteriores a las versiones publicadas en octubre de 2020, no comprueba el valor de retorno de una llamada de strstr() o strchr() en la función Tokenizer(). Un atacante que invoca la interfaz web con una URL diseñada puede bloquear el proceso causando una denegación de servicio. • http://vdoo.com/blog/qualcomm-qcmap-vulnerabilities • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-18991
https://notcve.org/view.php?id=CVE-2019-18991
A partial authentication bypass vulnerability exists on Atheros AR9132 3.60(AMX.8), AR9283 1.85, and AR9285 1.0.0.12NA devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data. Se presenta una vulnerabilidad de omisión de autenticación parcial en los dispositivos Atheros AR9132 versión 3.60(AMX.8), AR9283 versión 1.85 y AR9285 versión 1.0.0.12NA. La vulnerabilidad permite enviar una trama de datos no cifrada hacia un enrutador WLAN protegido por WPA2 donde el paquete se enruta por medio de la red. • https://www.synopsys.com/blogs/software-security/cyrc-advisory-sept2020 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2020-3674
https://notcve.org/view.php?id=CVE-2020-3674
Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130 Una información puede filtrarse al espacio de usuario debido a una transferencia inapropiada de datos desde el kernel hacia el espacio de usuario en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice y Music, Snapdragon Wearables en versiones Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130 • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-125: Out-of-bounds Read •