Risk | Low |
Patch available | YES |
Number of vulnerabilities | 50 |
CVE-ID | CVE-2020-3624 CVE-2019-14056 CVE-2019-14065 CVE-2019-14089 CVE-2019-14115 CVE-2019-14119 CVE-2020-11122 CVE-2020-11133 CVE-2020-3611 CVE-2020-3620 CVE-2020-3622 CVE-2020-3629 CVE-2019-14025 CVE-2020-3636 CVE-2020-3640 CVE-2020-3643 CVE-2020-3644 CVE-2020-3666 CVE-2020-3668 CVE-2020-3669 CVE-2020-3675 CVE-2019-14117 CVE-2020-11120 CVE-2019-14052 CVE-2019-13999 CVE-2020-11116 CVE-2019-10562 CVE-2020-11115 CVE-2020-11118 CVE-2020-11117 CVE-2020-3702 CVE-2019-14074 CVE-2020-11128 CVE-2020-3646 CVE-2020-3647 CVE-2020-3648 CVE-2020-11158 CVE-2019-10628 CVE-2019-13995 CVE-2019-10629 CVE-2019-13994 CVE-2019-13998 CVE-2020-3619 CVE-2020-3621 CVE-2020-3667 CVE-2018-13903 CVE-2019-10527 CVE-2019-10596 CVE-2019-10615 CVE-2019-13992 |
CWE-ID | CWE-190 CWE-415 CWE-320 CWE-200 CWE-367 CWE-822 CWE-121 CWE-284 CWE-20 CWE-120 CWE-823 CWE-131 CWE-126 CWE-416 CWE-457 CWE-287 CWE-310 CWE-129 CWE-476 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software |
APQ8009 Hardware solutions / Firmware APQ8017 Hardware solutions / Firmware APQ8053 Hardware solutions / Firmware APQ8096AU Hardware solutions / Firmware APQ8098 Hardware solutions / Firmware Kamorta Hardware solutions / Firmware MDM9150 Hardware solutions / Firmware MDM9206 Hardware solutions / Firmware MDM9207C Hardware solutions / Firmware MDM9607 Hardware solutions / Firmware MDM9640 Hardware solutions / Firmware MDM9650 Hardware solutions / Firmware MSM8905 Hardware solutions / Firmware MSM8909W Hardware solutions / Firmware MSM8917 Hardware solutions / Firmware MSM8920 Hardware solutions / Firmware MSM8937 Hardware solutions / Firmware MSM8940 Hardware solutions / Firmware MSM8953 Hardware solutions / Firmware MSM8996AU Hardware solutions / Firmware MSM8998 Hardware solutions / Firmware Nicobar Hardware solutions / Firmware QCM2150 Hardware solutions / Firmware QCN7605 Hardware solutions / Firmware QCS605 Hardware solutions / Firmware QM215 Hardware solutions / Firmware Rennell Hardware solutions / Firmware Saipan Hardware solutions / Firmware SC8180X Hardware solutions / Firmware SDA660 Hardware solutions / Firmware SDA845 Hardware solutions / Firmware SDM429 Hardware solutions / Firmware SDM429W Hardware solutions / Firmware SDM439 Hardware solutions / Firmware SDM450 Hardware solutions / Firmware SDM630 Hardware solutions / Firmware SDM632 Hardware solutions / Firmware SDM636 Hardware solutions / Firmware SDM660 Hardware solutions / Firmware SDM670 Hardware solutions / Firmware SDM710 Hardware solutions / Firmware SDM845 Hardware solutions / Firmware SDX20 Hardware solutions / Firmware SDX24 Hardware solutions / Firmware SDX55 Hardware solutions / Firmware SM6150 Hardware solutions / Firmware SM7150 Hardware solutions / Firmware SM8150 Hardware solutions / Firmware SXR1130 Hardware solutions / Firmware QCS405 Hardware solutions / Firmware SA6155P Hardware solutions / Firmware SXR2130 Hardware solutions / Firmware SM8250 Hardware solutions / Firmware MSM8996 Hardware solutions / Firmware IPQ8074 Hardware solutions / Firmware IPQ4019 Hardware solutions / Firmware IPQ8064 Hardware solutions / Firmware QCA6174A Hardware solutions / Firmware QCA6574AU Hardware solutions / Firmware QCA9377 Hardware solutions / Firmware QCA9379 Hardware solutions / Firmware QCA9531 Hardware solutions / Firmware QCA9558 Hardware solutions / Firmware QCA9980 Hardware solutions / Firmware MDM9205 Mobile applications / Mobile firmware & hardware MDM9615 Mobile applications / Mobile firmware & hardware MDM9625 Mobile applications / Mobile firmware & hardware MDM9635M Mobile applications / Mobile firmware & hardware MDM9645 Mobile applications / Mobile firmware & hardware MDM9655 Mobile applications / Mobile firmware & hardware MSM8909 Mobile applications / Mobile firmware & hardware QCS610 Mobile applications / Mobile firmware & hardware SA415M Mobile applications / Mobile firmware & hardware SA515M Mobile applications / Mobile firmware & hardware SC7180 Mobile applications / Mobile firmware & hardware SDM850 Mobile applications / Mobile firmware & hardware QCS404 Mobile applications / Mobile firmware & hardware APQ8076 Mobile applications / Mobile firmware & hardware IPQ6018 Mobile applications / Mobile firmware & hardware Bitra Mobile applications / Mobile firmware & hardware QCA8081 Mobile applications / Mobile firmware & hardware QCA6574 Mobile applications / Mobile firmware & hardware QCA6584AU Mobile applications / Mobile firmware & hardware QCA9563 Mobile applications / Mobile firmware & hardware QCA9880 Mobile applications / Mobile firmware & hardware QCA9886 Mobile applications / Mobile firmware & hardware QCN5500 Mobile applications / Mobile firmware & hardware QCN5502 Mobile applications / Mobile firmware & hardware QCA6390 Mobile applications / Mobile firmware & hardware IPQ5018 Mobile applications / Mobile firmware & hardware QCA4531 Mobile applications / Mobile firmware & hardware QCN550x Mobile applications / Mobile firmware & hardware QCA955x Mobile applications / Mobile firmware & hardware QCA956x Mobile applications / Mobile firmware & hardware AR938x Mobile applications / Mobile firmware & hardware AR958x Mobile applications / Mobile firmware & hardware AR934x Mobile applications / Mobile firmware & hardware AR9331 Mobile applications / Mobile firmware & hardware AR9287 Mobile applications / Mobile firmware & hardware QCA9565 Mobile applications / Mobile firmware & hardware QCA9462 Mobile applications / Mobile firmware & hardware QCA9485 Mobile applications / Mobile firmware & hardware IPS PDF releases prior to IPS System 2020. Mobile applications / Mobile firmware & hardware QCN7606 Mobile applications / Mobile firmware & hardware |
Vendor | Qualcomm |
Security Bulletin
This security bulletin contains information about 50 vulnerabilities.
EUVDB-ID: #VU109338
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3624
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Storage. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9615: All versions
MDM9625: All versions
MDM9635M: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCM2150: All versions
QCN7605: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109326
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14056
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in TrustZone. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsKamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9607: All versions
MDM9650: All versions
Nicobar: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109327
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14065
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in TrustZone. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8098: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8998: All versions
Nicobar: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109329
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14089
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in HLOS. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsKamorta: All versions
Nicobar: All versions
QCS404: All versions
QCS610: All versions
Rennell: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109330
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14115
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8076: All versions
APQ8096AU: All versions
APQ8098: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCM2150: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109331
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14119
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in QTEE. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPQ6018: All versions
Kamorta: All versions
MDM9205: All versions
MDM9607: All versions
Nicobar: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDM670: All versions
SDM710: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109332
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11122
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Video. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8098: All versions
Bitra: All versions
Kamorta: All versions
SA6155P: All versions
Saipan: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109334
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11133
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMSM8998: All versions
QCS605: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109335
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3611
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Core. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8098: All versions
Kamorta: All versions
MSM8998: All versions
QCS404: All versions
QCS605: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109336
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3620
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Qualcomm IPC. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109337
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3622
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Qualcomm IPC. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109339
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3629
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in DSP Services. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
Kamorta: All versions
Rennell: All versions
SC7180: All versions
SDM845: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109324
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14025
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsKamorta: All versions
QCS404: All versions
QCS610: All versions
Rennell: All versions
SC7180: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109340
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3636
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsKamorta: All versions
QCS404: All versions
QCS610: All versions
Rennell: All versions
SC7180: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109341
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3640
CWE-ID:
CWE-131 - Incorrect Calculation of Buffer Size
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
Kamorta: All versions
QCS404: All versions
QCS610: All versions
Rennell: All versions
Saipan: All versions
SC7180: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109342
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3643
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8076: All versions
APQ8096AU: All versions
APQ8098: All versions
IPQ6018: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCM2150: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109343
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3644
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Content Protection. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8096AU: All versions
APQ8098: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109344
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3666
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
IPQ4019: All versions
IPQ6018: All versions
IPQ8064: All versions
IPQ8074: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9640: All versions
MDM9650: All versions
MSM8996AU: All versions
MSM8998: All versions
QCA6174A: All versions
QCA6574: All versions
QCA6574AU: All versions
QCA6584AU: All versions
QCA8081: All versions
QCA9377: All versions
QCA9379: All versions
QCA9531: All versions
QCA9558: All versions
QCA9563: All versions
QCA9880: All versions
QCA9886: All versions
QCA9980: All versions
QCN5500: All versions
QCN5502: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
SA6155P: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109345
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3668
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
Nicobar: All versions
QCA6390: All versions
QCA8081: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
Rennell: All versions
SA415M: All versions
SC7180: All versions
SC8180X: All versions
SDA845: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109346
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3669
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8098: All versions
IPQ5018: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MSM8998: All versions
Nicobar: All versions
QCA6390: All versions
QCA8081: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
Rennell: All versions
SA415M: All versions
SC7180: All versions
SC8180X: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109347
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3675
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPQ5018: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
Nicobar: All versions
QCA6390: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
Rennell: All versions
SA415M: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109350
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14117
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
MDM9607: All versions
QCS405: All versions
Saipan: All versions
SC8180X: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109353
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11120
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
Kamorta: All versions
MSM8917: All versions
MSM8953: All versions
MSM8998: All versions
QCM2150: All versions
QCS405: All versions
QCS605: All versions
QM215: All versions
Rennell: All versions
Saipan: All versions
SDM429: All versions
SDM439: All versions
SDM450: All versions
SDM632: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109325
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14052
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in MODEM. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
MDM9150: All versions
MDM9206: All versions
MDM9607: All versions
MDM9615: All versions
MDM9625: All versions
MDM9635M: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCM2150: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
SA415M: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109323
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-13999
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Qualcomm IPC. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109349
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11116
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
Kamorta: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9640: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996AU: All versions
QCA6174A: All versions
QCA6574AU: All versions
QCA9377: All versions
QCA9379: All versions
QCM2150: All versions
QCN7605: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
SA6155P: All versions
Saipan: All versions
SC8180X: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM845: All versions
SDX20: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109307
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10562
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in QTEE. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPQ6018: All versions
Kamorta: All versions
MSM8998: All versions
Nicobar: All versions
QCS404: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
SC7180: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109351
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11115
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
Kamorta: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9640: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996AU: All versions
MSM8998: All versions
QCA6174A: All versions
QCA6574AU: All versions
QCA9377: All versions
QCA9379: All versions
QCM2150: All versions
QCN7605: All versions
QCS405: All versions
QCS605: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
Saipan: All versions
SC8180X: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM632: All versions
SDM660: All versions
SDM845: All versions
SDX20: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109352
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11118
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
Kamorta: All versions
MDM9150: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9640: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8998: All versions
Nicobar: All versions
QCA6174A: All versions
QCA6574AU: All versions
QCA9377: All versions
QCA9379: All versions
QCM2150: All versions
QCN7605: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
Saipan: All versions
SC8180X: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDX20: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109312
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11117
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in lbd service. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPQ4019: All versions
IPQ6018: All versions
IPQ8064: All versions
IPQ8074: All versions
QCA4531: All versions
QCA9531: All versions
QCA9980: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109316
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-3702
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access top sensitive information.
The vulnerability exists due to improper input validation in WIFI driver(Krook). A remote attacker can temporary disable WPA2 or the WPA/WPA2 mixed-mode encryption and intercept traffic in clear text.
MitigationInstall security update from vendor's website.
Vulnerable software versionsQCN550x: All versions
QCA9531: All versions
QCA955x: All versions
QCA956x: All versions
AR938x: All versions
AR958x: All versions
AR934x: All versions
AR9331: All versions
AR9287: All versions
QCA4531: All versions
QCA9565: All versions
QCA9462: All versions
QCA9485: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109328
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-14074
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Diag Services. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8076: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9625: All versions
MDM9635M: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109333
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11128
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Diag Services. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
Kamorta: All versions
MDM9150: All versions
MDM9607: All versions
MDM9650: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8998: All versions
QCM2150: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA515M: All versions
SA6155P: All versions
Saipan: All versions
SC8180X: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM632: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109354
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3646
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Video. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
MSM8909W: All versions
QCM2150: All versions
QCS405: All versions
QCS605: All versions
Saipan: All versions
SC8180X: All versions
SDA845: All versions
SDM429W: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109355
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3647
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Neural Processing Unit. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMDM9607: All versions
QCS405: All versions
SC8180X: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109356
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3648
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in DSP Services. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMSM8909W: All versions
CPE2.3 External linkshttps://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109348
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-11158
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in PDF-Compatible Interpreter. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsIPS PDF releases prior to IPS System 2020.: All versions
CPE2.3 External linkshttps://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109308
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10628
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Kernel. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8098: All versions
Bitra: All versions
MDM9205: All versions
MDM9650: All versions
MSM8998: All versions
Nicobar: All versions
QCA6390: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109322
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-13995
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Trustzone. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109309
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10629
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in kernel. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
IPQ6018: All versions
IPQ8074: All versions
MDM9205: All versions
Nicobar: All versions
QCA8081: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA845: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109310
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-13994
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Trustzone. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109311
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-13998
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Qualcomm IPC. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109313
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3619
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Graphics. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8098: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8998: All versions
QCA8081: All versions
QCS404: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SC7180: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109314
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3621
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Qualcomm IPC. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9640: All versions
MDM9645: All versions
MDM9650: All versions
MDM9655: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109315
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2020-3667
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8098: All versions
IPQ5018: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MSM8998: All versions
Nicobar: All versions
QCA6390: All versions
QCA8081: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
Rennell: All versions
SA415M: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA845: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109317
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2018-13903
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Modem. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8053: All versions
MDM9205: All versions
MDM9206: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
SDM450: All versions
SM8150: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109318
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10527
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Mproc. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Bitra: All versions
IPQ6018: All versions
IPQ8074: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9207C: All versions
MDM9607: All versions
MDM9640: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCA4531: All versions
QCA6574AU: All versions
QCA8081: All versions
QCM2150: All versions
QCN7605: All versions
QCN7606: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109319
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10596
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in KERNEL. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
Nicobar: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109320
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-10615
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Trusted Application. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsAPQ8009: All versions
APQ8017: All versions
APQ8053: All versions
APQ8096AU: All versions
APQ8098: All versions
Kamorta: All versions
MDM9150: All versions
MDM9205: All versions
MDM9206: All versions
MDM9607: All versions
MDM9650: All versions
MSM8905: All versions
MSM8909: All versions
MSM8909W: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8953: All versions
MSM8996: All versions
MSM8996AU: All versions
MSM8998: All versions
Nicobar: All versions
QCM2150: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
QM215: All versions
Rennell: All versions
SA415M: All versions
SA515M: All versions
SA6155P: All versions
SC7180: All versions
SC8180X: All versions
SDA660: All versions
SDA845: All versions
SDM429: All versions
SDM429W: All versions
SDM439: All versions
SDM450: All versions
SDM630: All versions
SDM632: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109321
Risk:
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:]
CVE-ID: CVE-2019-13992
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in kernel. #AV# #AU# can #EXT_IMPACT#.
MitigationInstall security update from vendor's website.
Vulnerable software versionsBitra: All versions
IPQ6018: All versions
IPQ8074: All versions
MDM9205: All versions
Nicobar: All versions
QCA8081: All versions
QCN7605: All versions
QCS404: All versions
QCS405: All versions
QCS605: All versions
QCS610: All versions
Rennell: All versions
SA415M: All versions
SA6155P: All versions
Saipan: All versions
SC7180: All versions
SC8180X: All versions
SDA845: All versions
SDM670: All versions
SDM710: All versions
SDM845: All versions
SDM850: All versions
SDX20: All versions
SDX24: All versions
SDX55: All versions
SM6150: All versions
SM7150: All versions
SM8150: All versions
SM8250: All versions
SXR1130: All versions
SXR2130: All versions
CPE2.3https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.