#VU29647 Out-of-bounds read in Qualcomm products - CVE-2020-3700

Cybersecurity Help s.r.o.

Published: 2020-07-10 | Updated: 2021-03-03

Vulnerability identifier: #VU29647

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-3700

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vendor: Qualcomm

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in WIN WLAN Host. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

APQ8053: All versions

QCA9980: All versions

QCA9558: All versions

QCA9531: All versions

IPQ8074: All versions

IPQ8064: All versions

IPQ4019: All versions

SXR2130: All versions

SM8250: All versions

SM8150: All versions

SDX55: All versions

SDM439: All versions

SC8180X: All versions

QCA6574AU: All versions

MSM8996AU: All versions

MSM8909W: All versions

MDM9607: All versions

APQ8096AU: All versions

External links
https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
https://source.codeaurora.org/quic/la/platform/external/wpa_supplicant_8/commit?id=c8d215c57c049ed7015ded342ebaaef21b438425

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Qualcomm Chipsets

Multiple vulnerabilities in Google Android