CVE-2020-3653
Severity Score
9.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850
Una posible lectura excesiva del búfer en la función del controlador wlan de Windows debido a una falta de comprobación de la longitud de la variable recibida desde el espacio del usuario en los productos Snapdragon Compute, Snapdragon Connectivity en versiones MSM8998, QCA6390, SC7180, SC8180X, SDM850.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-12-17 CVE Reserved
- 2020-04-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Msm8998 Firmware Search vendor "Qualcomm" for product "Msm8998 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8998 Search vendor "Qualcomm" for product "Msm8998" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6390 Firmware Search vendor "Qualcomm" for product "Qca6390 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6390 Search vendor "Qualcomm" for product "Qca6390" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc7180 Firmware Search vendor "Qualcomm" for product "Sc7180 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc7180 Search vendor "Qualcomm" for product "Sc7180" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm850 Firmware Search vendor "Qualcomm" for product "Sdm850 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm850 Search vendor "Qualcomm" for product "Sdm850" | - | - |
Safe
|