CVE-2020-3628

CVE Database · CVE-2020-3628

CVE-2020-3628

· CRITICALModified

CVSS v3.1

9.8

EPSS

0.96%

Published

Jun 22, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (6)

qualcomm · apq8053_firmwarevulnerable

qualcomm · apq8053

qualcomm · rennell_firmwarevulnerable

qualcomm · rennell

qualcomm · sdx20_firmwarevulnerable

qualcomm · sdx20

References (3)

https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs