CVE-2020-3684

HIGH

Snapdragon Auto Snapdragon Compute Snapdragon Connectivity Snapdrag...

Title source: llm

Description

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (2)

Core 2

Core References

Broken Link x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0008

EPSS Percentile 22.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (45)

qualcomm/agatti_firmware

qualcomm/apq8009_firmware

qualcomm/apq8098_firmware

qualcomm/bitra_firmware

qualcomm/ipq6018_firmware

qualcomm/kamorta_firmware

qualcomm/mdm9150_firmware

qualcomm/mdm9205_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

... and 35 more

Published Nov 02, 2020

Tracked Since Feb 18, 2026