// For flags

CVE-2020-3702

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

Un tráfico específicamente sincronizado y diseñado puede causar errores internos en un dispositivo WLAN que conllevan a un cifrado inapropiado del Wi-Fi de capa 2 con la consiguiente posibilidad de divulgación de información sobre el aire para un conjunto discreto de tráfico en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking versiones APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-17 CVE Reserved
  • 2020-09-08 CVE Published
  • 2024-07-13 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qualcomm
Search vendor "Qualcomm"
Apq8053 Firmware
Search vendor "Qualcomm" for product "Apq8053 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8053
Search vendor "Qualcomm" for product "Apq8053"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq4019 Firmware
Search vendor "Qualcomm" for product "Ipq4019 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq4019
Search vendor "Qualcomm" for product "Ipq4019"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq8064 Firmware
Search vendor "Qualcomm" for product "Ipq8064 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq8064
Search vendor "Qualcomm" for product "Ipq8064"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8909w Firmware
Search vendor "Qualcomm" for product "Msm8909w Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8909w
Search vendor "Qualcomm" for product "Msm8909w"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8996au Firmware
Search vendor "Qualcomm" for product "Msm8996au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8996au
Search vendor "Qualcomm" for product "Msm8996au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9531 Firmware
Search vendor "Qualcomm" for product "Qca9531 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9531
Search vendor "Qualcomm" for product "Qca9531"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qcn5502 Firmware
Search vendor "Qualcomm" for product "Qcn5502 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qcn5502
Search vendor "Qualcomm" for product "Qcn5502"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qcs405 Firmware
Search vendor "Qualcomm" for product "Qcs405 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qcs405
Search vendor "Qualcomm" for product "Qcs405"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx20 Firmware
Search vendor "Qualcomm" for product "Sdx20 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx20
Search vendor "Qualcomm" for product "Sdx20"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm6150 Firmware
Search vendor "Qualcomm" for product "Sm6150 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm6150
Search vendor "Qualcomm" for product "Sm6150"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm7150 Firmware
Search vendor "Qualcomm" for product "Sm7150 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm7150
Search vendor "Qualcomm" for product "Sm7150"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
Av2
Search vendor "Arista" for product "Av2"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
C-75
Search vendor "Arista" for product "C-75"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
C75-e
Search vendor "Arista" for product "C75-e"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
O-90
Search vendor "Arista" for product "O-90"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
O90e
Search vendor "Arista" for product "O90e"
--
Safe
Arista
Search vendor "Arista"
Access Point
Search vendor "Arista" for product "Access Point"
<= 8.8.3-12
Search vendor "Arista" for product "Access Point" and version " <= 8.8.3-12"
-
Affected
in Arista
Search vendor "Arista"
W-68
Search vendor "Arista" for product "W-68"
--
Safe
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
10.0
Search vendor "Debian" for product "Debian Linux" and version "10.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
10.0
Search vendor "Debian" for product "Debian Linux" and version "10.0"
-
Affected