CVE-2020-3703
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
Un problema de lectura excesiva del búfer en el firmware del periférico Bluetooth debido a una falta de comprobación del opcode no válido y la longitud del opcode recibido del dispositivo central (este CVE es equivalente a un problema de Link Layer Length Overfow (CVE-2019-16336, CVE-2019-17519) ) y un problema de Silent Length Overflow (CVE-2019-17518) mencionado en sweyntooth paper) en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music en versiones APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-12-17 CVE Reserved
- 2020-11-02 CVE Published
- 2023-07-19 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-125: Out-of-bounds Read
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Apq8053 Firmware Search vendor "Qualcomm" for product "Apq8053 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8053 Search vendor "Qualcomm" for product "Apq8053" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8076 Firmware Search vendor "Qualcomm" for product "Apq8076 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8076 Search vendor "Qualcomm" for product "Apq8076" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Ar9344 Firmware Search vendor "Qualcomm" for product "Ar9344 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Ar9344 Search vendor "Qualcomm" for product "Ar9344" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Bitra Firmware Search vendor "Qualcomm" for product "Bitra Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Bitra Search vendor "Qualcomm" for product "Bitra" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Kamorta Firmware Search vendor "Qualcomm" for product "Kamorta Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Kamorta Search vendor "Qualcomm" for product "Kamorta" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9206 Firmware Search vendor "Qualcomm" for product "Mdm9206 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9206 Search vendor "Qualcomm" for product "Mdm9206" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9207c Firmware Search vendor "Qualcomm" for product "Mdm9207c Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9207c Search vendor "Qualcomm" for product "Mdm9207c" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9607 Firmware Search vendor "Qualcomm" for product "Mdm9607 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9607 Search vendor "Qualcomm" for product "Mdm9607" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8905 Firmware Search vendor "Qualcomm" for product "Msm8905 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8905 Search vendor "Qualcomm" for product "Msm8905" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8917 Firmware Search vendor "Qualcomm" for product "Msm8917 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8917 Search vendor "Qualcomm" for product "Msm8917" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8937 Firmware Search vendor "Qualcomm" for product "Msm8937 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8937 Search vendor "Qualcomm" for product "Msm8937" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8940 Firmware Search vendor "Qualcomm" for product "Msm8940 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8940 Search vendor "Qualcomm" for product "Msm8940" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8953 Firmware Search vendor "Qualcomm" for product "Msm8953 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8953 Search vendor "Qualcomm" for product "Msm8953" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Nicobar Firmware Search vendor "Qualcomm" for product "Nicobar Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Nicobar Search vendor "Qualcomm" for product "Nicobar" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6174a Firmware Search vendor "Qualcomm" for product "Qca6174a Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6174a Search vendor "Qualcomm" for product "Qca6174a" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca9377 Firmware Search vendor "Qualcomm" for product "Qca9377 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca9377 Search vendor "Qualcomm" for product "Qca9377" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcm2150 Firmware Search vendor "Qualcomm" for product "Qcm2150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcm2150 Search vendor "Qualcomm" for product "Qcm2150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcm6125 Firmware Search vendor "Qualcomm" for product "Qcm6125 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcm6125 Search vendor "Qualcomm" for product "Qcm6125" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs404 Firmware Search vendor "Qualcomm" for product "Qcs404 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs404 Search vendor "Qualcomm" for product "Qcs404" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs405 Firmware Search vendor "Qualcomm" for product "Qcs405 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs405 Search vendor "Qualcomm" for product "Qcs405" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs610 Firmware Search vendor "Qualcomm" for product "Qcs610 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs610 Search vendor "Qualcomm" for product "Qcs610" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qm215 Firmware Search vendor "Qualcomm" for product "Qm215 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qm215 Search vendor "Qualcomm" for product "Qm215" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Rennell Firmware Search vendor "Qualcomm" for product "Rennell Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Rennell Search vendor "Qualcomm" for product "Rennell" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm429 Firmware Search vendor "Qualcomm" for product "Sdm429 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm429 Search vendor "Qualcomm" for product "Sdm429" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm439 Firmware Search vendor "Qualcomm" for product "Sdm439 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm439 Search vendor "Qualcomm" for product "Sdm439" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm450 Firmware Search vendor "Qualcomm" for product "Sdm450 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm450 Search vendor "Qualcomm" for product "Sdm450" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm630 Firmware Search vendor "Qualcomm" for product "Sdm630 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm630 Search vendor "Qualcomm" for product "Sdm630" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm632 Firmware Search vendor "Qualcomm" for product "Sdm632 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm632 Search vendor "Qualcomm" for product "Sdm632" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm636 Firmware Search vendor "Qualcomm" for product "Sdm636 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm636 Search vendor "Qualcomm" for product "Sdm636" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm660 Firmware Search vendor "Qualcomm" for product "Sdm660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm660 Search vendor "Qualcomm" for product "Sdm660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm670 Firmware Search vendor "Qualcomm" for product "Sdm670 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm670 Search vendor "Qualcomm" for product "Sdm670" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm710 Firmware Search vendor "Qualcomm" for product "Sdm710 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm710 Search vendor "Qualcomm" for product "Sdm710" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm845 Firmware Search vendor "Qualcomm" for product "Sdm845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm845 Search vendor "Qualcomm" for product "Sdm845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx20 Firmware Search vendor "Qualcomm" for product "Sdx20 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx20 Search vendor "Qualcomm" for product "Sdx20" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx24 Firmware Search vendor "Qualcomm" for product "Sdx24 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx24 Search vendor "Qualcomm" for product "Sdx24" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6150 Firmware Search vendor "Qualcomm" for product "Sm6150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6150 Search vendor "Qualcomm" for product "Sm6150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7150 Firmware Search vendor "Qualcomm" for product "Sm7150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7150 Search vendor "Qualcomm" for product "Sm7150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8150 Firmware Search vendor "Qualcomm" for product "Sm8150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8150 Search vendor "Qualcomm" for product "Sm8150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sxr1130 Firmware Search vendor "Qualcomm" for product "Sxr1130 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sxr1130 Search vendor "Qualcomm" for product "Sxr1130" | - | - |
Safe
|