CVE-2020-3673

CRITICAL

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapd...

Title source: llm

Description

u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (2)

Core 2

Core References

Broken Link x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

Scores

CVSS v3 9.8

EPSS 0.0021

EPSS Percentile 43.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-129

Status published

Products (40)

qualcomm/agatti_firmware

qualcomm/apq8053_firmware

qualcomm/apq8096au_firmware

qualcomm/apq8098_firmware

qualcomm/bitra_firmware

qualcomm/kamorta_firmware

qualcomm/msm8905_firmware

qualcomm/msm8909w_firmware

qualcomm/msm8917_firmware

qualcomm/msm8940_firmware

... and 30 more

Published Nov 02, 2020

Tracked Since Feb 18, 2026