Description
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
Third Party Advisory x_refsource_confirm
https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2021/dsa-4978
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Scores
CVSS v3
6.5
EPSS
0.0030
EPSS Percentile
53.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (14)
arista/access_point
< 8.8.3-12
debian/debian_linux
10.0
debian/debian_linux
9.0
qualcomm/apq8053_firmware
qualcomm/ipq4019_firmware
qualcomm/ipq8064_firmware
qualcomm/msm8909w_firmware
qualcomm/msm8996au_firmware
qualcomm/qca9531_firmware
qualcomm/qcn5502_firmware
... and 4 more
Published
Sep 08, 2020
Tracked Since
Feb 18, 2026