VDB
CVE-2020-3700
CVE-2020-3700
PUBLISHED
CVSS 7.5 HIGH
Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCA9531, QCA9558, QCA9980, SC8180X, SDM439, SDX55, SM8150, SM8250, SXR2130
EPSS 0.47% · 64.8th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.47%
64.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| qualcomm | mdm9607_firmware | |
| qualcomm | apq8053_firmware | |
| qualcomm | qca9531_firmware | |
| qualcomm | qca9980_firmware | |
| qualcomm | sdx55_firmware | |
| qualcomm | sdm439_firmware | |
| qualcomm | sc8180x_firmware | |
| qualcomm | ipq4019_firmware | |
| qualcomm | sm8250_firmware | |
| qualcomm | msm8996au_firmware | |
| qualcomm | qca6574au_firmware | |
| qualcomm | qca9558_firmware | |
| qualcomm | sxr2130_firmware | |
| qualcomm | sm8150_firmware | |
| qualcomm | ipq8074_firmware | |
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | APQ8053, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCA9531, QCA9558, QCA9980, SC8180X, SDM439, SDX55, SM8150, SM8250, SXR2130 |
| qualcomm | ipq8064_firmware | |
| qualcomm | apq8096au_firmware | |
| qualcomm | msm8909w_firmware |
Exploit Intelligence
Timeline
- Jul 7, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://source.android.com/security/bulletin/pixel/2020-07-01 advisory
- https://source.android.com/security/bulletin/2020-07-01 advisory
- https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin url
- https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin patch
- https://nvd.nist.gov/vuln/detail/CVE-2020-3700 advisory