#VU29645 Buffer overflow in Qualcomm products - CVE-2020-3699
Vulnerability identifier: #VU29645
Vulnerability risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
APQ8009
Hardware solutions /
Firmware
SM7150
Hardware solutions /
Firmware
SM6150
Hardware solutions /
Firmware
MDM9640
Hardware solutions /
Firmware
SXR2130
Hardware solutions /
Firmware
SM8250
Hardware solutions /
Firmware
SM8150
Hardware solutions /
Firmware
SDX55
Hardware solutions /
Firmware
SDX20
Hardware solutions /
Firmware
SDM845
Hardware solutions /
Firmware
SDM660
Hardware solutions /
Firmware
SDM636
Hardware solutions /
Firmware
SDM632
Hardware solutions /
Firmware
SDM630
Hardware solutions /
Firmware
SDM450
Hardware solutions /
Firmware
SDM439
Hardware solutions /
Firmware
SDM429W
Hardware solutions /
Firmware
SDM429
Hardware solutions /
Firmware
SDA845
Hardware solutions /
Firmware
SC8180X
Hardware solutions /
Firmware
Saipan
Hardware solutions /
Firmware
SA6155P
Hardware solutions /
Firmware
QM215
Hardware solutions /
Firmware
QCS605
Hardware solutions /
Firmware
QCS405
Hardware solutions /
Firmware
QCN7605
Hardware solutions /
Firmware
QCM2150
Hardware solutions /
Firmware
QCA9379
Hardware solutions /
Firmware
QCA9377
Hardware solutions /
Firmware
QCA6574AU
Hardware solutions /
Firmware
QCA6174A
Hardware solutions /
Firmware
Nicobar
Hardware solutions /
Firmware
MSM8996AU
Hardware solutions /
Firmware
MSM8953
Hardware solutions /
Firmware
MSM8940
Hardware solutions /
Firmware
MSM8937
Hardware solutions /
Firmware
MSM8920
Hardware solutions /
Firmware
MSM8917
Hardware solutions /
Firmware
MSM8909W
Hardware solutions /
Firmware
MSM8905
Hardware solutions /
Firmware
MDM9650
Hardware solutions /
Firmware
MDM9607
Hardware solutions /
Firmware
MDM9207C
Hardware solutions /
Firmware
MDM9206
Hardware solutions /
Firmware
APQ8096AU
Hardware solutions /
Firmware
APQ8053
Hardware solutions /
Firmware
APQ8017
Hardware solutions /
Firmware
Vendor: Qualcomm
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WLAN HOST. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
APQ8009: All versions
SM7150: All versions
SM6150: All versions
MDM9640: All versions
SXR2130: All versions
SM8250: All versions
SM8150: All versions
SDX55: All versions
SDX20: All versions
SDM845: All versions
SDM660: All versions
SDM636: All versions
SDM632: All versions
SDM630: All versions
SDM450: All versions
SDM439: All versions
SDM429W: All versions
SDM429: All versions
SDA845: All versions
SC8180X: All versions
Saipan: All versions
SA6155P: All versions
QM215: All versions
QCS605: All versions
QCS405: All versions
QCN7605: All versions
QCM2150: All versions
QCA9379: All versions
QCA9377: All versions
QCA6574AU: All versions
QCA6174A: All versions
Nicobar: All versions
MSM8996AU: All versions
MSM8953: All versions
MSM8940: All versions
MSM8937: All versions
MSM8920: All versions
MSM8917: All versions
MSM8909W: All versions
MSM8905: All versions
MDM9650: All versions
MDM9607: All versions
MDM9207C: All versions
MDM9206: All versions
APQ8096AU: All versions
APQ8053: All versions
APQ8017: All versions
External links
https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=87baef651fcb908b334c0034e98adde90be848b0
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
