1. Home
  2. CVE Database
  3. CVE-2020-3675
CRITICAL · 9.8

CVE-2020-3675

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons...

Vulnerability Description

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ5018, IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCN7605, QCS404, QCS405, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommIpq5018 Firmware-
QualcommIpq5018-
QualcommIpq6018 Firmware-
QualcommIpq6018-
QualcommIpq8074 Firmware-
QualcommIpq8074-
QualcommKamorta Firmware-
QualcommKamorta-
QualcommNicobar Firmware-
QualcommNicobar-
QualcommQca6390 Firmware-
QualcommQca6390-
QualcommQcn7605 Firmware-
QualcommQcn7605-
QualcommQcs404 Firmware-
QualcommQcs404-
QualcommQcs405 Firmware-
QualcommQcs405-
QualcommRennell Firmware-
QualcommRennell-

Related Weaknesses (CWE)

CWE-191

References

FAQ

What is CVE-2020-3675?

CVE-2020-3675 is a vulnerability with a CVSS score of 9.8 (CRITICAL). u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons...

How severe is CVE-2020-3675?

CVE-2020-3675 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-3675?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ipq5018 Firmware, Qualcomm Ipq5018, Qualcomm Ipq6018 Firmware, Qualcomm Ipq6018, Qualcomm Ipq8074 Firmware.