CVE-2020-3632

CVE Database · CVE-2020-3632

CVE-2020-3632

· HIGHModified

CVSS v3.1

7.8

EPSS

0.20%

Published

Nov 12, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-129

Affected Products (38)

qualcomm · qsm8350_firmwarevulnerable

qualcomm · qsm8350

qualcomm · sc7180_firmwarevulnerable

qualcomm · sc7180

qualcomm · sdx55_firmwarevulnerable

qualcomm · sdx55

qualcomm · sdx55m_firmwarevulnerable

qualcomm · sdx55m

qualcomm · sm6150_firmwarevulnerable

qualcomm · sm6150

qualcomm · sm6250_firmwarevulnerable

· sm6250

References (2)

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs