Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2020-3703

Published

3 years ago

Last Modified

2 years ago

CVSSv2.0 Severity

High

CVSSv3.1 Severity

Critical

Impact Analysis

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130.

CVSSv2.0 Score

Severity: High
Base Score: 7.5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 6.4/10
Confidentiality Impact: Partial
Availability Impact: Partial
Integrity Impact: Partial

CVSSv3.1 Score

Severity: Critical
Base Score: 9.8/10
Exploit Score: 3.9/10
Access Vector: Network
Access Complexity: Low
Privileges Required: None
Impact Score: 5.9/10
Confidentiality Impact: High
Availability Impact: High
Integrity Impact: High
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Excluding
cpe:2.3:o:qualcomm:apq8053_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:apq8053:-:::::::*	No	-
cpe:2.3:o:qualcomm:apq8076_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:apq8076:-:::::::*	No	-
cpe:2.3:o:qualcomm:ar9344_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:ar9344:-:::::::*	No	-
cpe:2.3:o:qualcomm:bitra_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:bitra:-:::::::*	No	-
cpe:2.3:o:qualcomm:kamorta_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:kamorta:-:::::::*	No	-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:mdm9206:-:::::::*	No	-
cpe:2.3:o:qualcomm:mdm9207c_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:mdm9207c:-:::::::*	No	-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:mdm9607:-:::::::*	No	-
cpe:2.3:o:qualcomm:msm8905_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:msm8905:-:::::::*	No	-
cpe:2.3:o:qualcomm:msm8917_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:msm8917:-:::::::*	No	-
cpe:2.3:o:qualcomm:msm8937_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:msm8937:-:::::::*	No	-
cpe:2.3:o:qualcomm:msm8940_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:msm8940:-:::::::*	No	-
cpe:2.3:o:qualcomm:msm8953_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:msm8953:-:::::::*	No	-
cpe:2.3:o:qualcomm:nicobar_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:nicobar:-:::::::*	No	-
cpe:2.3:o:qualcomm:qca6174a_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qca6174a:-:::::::*	No	-
cpe:2.3:o:qualcomm:qca9377_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qca9377:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcm2150_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcm2150:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcm6125_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcm6125:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcs404_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcs404:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcs405_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcs405:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcs605_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcs605:-:::::::*	No	-
cpe:2.3:o:qualcomm:qcs610_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qcs610:-:::::::*	No	-
cpe:2.3:o:qualcomm:qm215_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:qm215:-:::::::*	No	-
cpe:2.3:o:qualcomm:rennell_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:rennell:-:::::::*	No	-
cpe:2.3:o:qualcomm:sc8180x_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sc8180x:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm429_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm429:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm439_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm439:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm450_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm450:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm630_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm630:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm632_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm632:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm636_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm636:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm660_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm660:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm670_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm670:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm710_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm710:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdm845_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdm845:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdx20_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdx20:-:::::::*	No	-
cpe:2.3:o:qualcomm:sdx24_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sdx24:-:::::::*	No	-
cpe:2.3:o:qualcomm:sm6150_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sm6150:-:::::::*	No	-
cpe:2.3:o:qualcomm:sm7150_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sm7150:-:::::::*	No	-
cpe:2.3:o:qualcomm:sm8150_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sm8150:-:::::::*	No	-
cpe:2.3:o:qualcomm:sxr1130_firmware:-:::::::*	Yes	-
cpe:2.3:h:qualcomm:sxr1130:-:::::::*	No	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2020-3703

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2020-3703

CVE information

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References