Improper Access Control in Qualcomm products - CVE-2020-3611
Published: May 17, 2025
Vulnerability identifier: #VU109335
CSH Severity:
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:
CVE-ID: CVE-2020-3611
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Qualcomm
Affected software:
APQ8098
Kamorta
MSM8998
QCS605
SDA660
SDA845
SDM630
SDM636
SDM660
SDM670
SDM710
SDM845
SXR1130
QCS404
SDM850
APQ8098
Kamorta
MSM8998
QCS605
SDA660
SDA845
SDM630
SDM636
SDM660
SDM670
SDM710
SDM845
SXR1130
QCS404
SDM850
Detailed vulnerability description
The vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in Core. #AV# #AU# can #EXT_IMPACT#.
How to mitigate CVE-2020-3611
Install security update from vendor's website.