Vulnerability Description
u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Kamorta, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SXR1130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Agatti Firmware | - |
| Qualcomm | Agatti | - |
| Qualcomm | Kamorta Firmware | - |
| Qualcomm | Kamorta | - |
| Qualcomm | Qcs404 Firmware | - |
| Qualcomm | Qcs404 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Sda845 Firmware | - |
| Qualcomm | Sda845 | - |
| Qualcomm | Sdm670 Firmware | - |
| Qualcomm | Sdm670 | - |
| Qualcomm | Sdm710 Firmware | - |
| Qualcomm | Sdm710 | - |
| Qualcomm | Sdm845 Firmware | - |
| Qualcomm | Sdm845 | - |
| Qualcomm | Sxr1130 Firmware | - |
| Qualcomm | Sxr1130 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletiBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-securitVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletiBroken Link
FAQ
What is CVE-2020-3678?
CVE-2020-3678 is a vulnerability with a CVSS score of 7.8 (HIGH). u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag...
How severe is CVE-2020-3678?
CVE-2020-3678 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-3678?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Agatti Firmware, Qualcomm Agatti, Qualcomm Kamorta Firmware, Qualcomm Kamorta, Qualcomm Qcs404 Firmware.