Vulnerability Description
u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCS404, QCS405, QCS605, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8098 Firmware | - |
| Qualcomm | Apq8098 | - |
| Qualcomm | Ipq5018 Firmware | - |
| Qualcomm | Ipq5018 | - |
| Qualcomm | Ipq6018 Firmware | - |
| Qualcomm | Ipq6018 | - |
| Qualcomm | Ipq8074 Firmware | - |
| Qualcomm | Ipq8074 | - |
| Qualcomm | Kamorta Firmware | - |
| Qualcomm | Kamorta | - |
| Qualcomm | Msm8998 Firmware | - |
| Qualcomm | Msm8998 | - |
| Qualcomm | Nicobar Firmware | - |
| Qualcomm | Nicobar | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca8081 Firmware | - |
| Qualcomm | Qca8081 | - |
| Qualcomm | Qcs404 Firmware | - |
| Qualcomm | Qcs404 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinBroken LinkVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinBroken LinkVendor Advisory
FAQ
What is CVE-2020-3667?
CVE-2020-3667 is a vulnerability with a CVSS score of 9.8 (CRITICAL). u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum...
How severe is CVE-2020-3667?
CVE-2020-3667 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-3667?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8098 Firmware, Qualcomm Apq8098, Qualcomm Ipq5018 Firmware, Qualcomm Ipq5018, Qualcomm Ipq6018 Firmware.