CVE-2020-3647

HIGH

Qualcomm MDM9607 QCS405 SC8180X SDX55 SM6150 SM7150 SM8150 Firmware - Out-of-bounds Write via NPU DebugFS Node

Title source: llm

Description

u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, SC8180X, SDX55, SM6150, SM7150, SM8150

References (2)

Core 2

Core References

Broken Link x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0016

EPSS Percentile 35.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (7)

qualcomm/mdm9607_firmware

qualcomm/qcs405_firmware

qualcomm/sc8180x_firmware

qualcomm/sdx55_firmware

qualcomm/sm6150_firmware

qualcomm/sm7150_firmware

qualcomm/sm8150_firmware

Published Sep 08, 2020

Tracked Since Feb 18, 2026