Buffer overflow in Qualcomm products - CVE-2020-3668
Published: May 17, 2025
Vulnerability identifier: #VU109345
CSH Severity:
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:
CVE-ID: CVE-2020-3668
CWE-ID: CWE-120
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Qualcomm
Affected software:
IPQ6018
QCA6390
QCA8081
QCS404
SA415M
SC7180
SDM850
IPQ8074
Kamorta
Nicobar
QCN7605
QCS405
QCS605
Rennell
SC8180X
SDA845
SDM670
SDM710
SDM845
SM6150
SM7150
SM8150
SXR1130
IPQ6018
QCA6390
QCA8081
QCS404
SA415M
SC7180
SDM850
IPQ8074
Kamorta
Nicobar
QCN7605
QCS405
QCS605
Rennell
SC8180X
SDA845
SDM670
SDM710
SDM845
SM6150
SM7150
SM8150
SXR1130
Detailed vulnerability description
The vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in WLAN. #AV# #AU# can #EXT_IMPACT#.
How to mitigate CVE-2020-3668
Install security update from vendor's website.