FKIE_CVE-2020-3657

Vulnerability from fkie_nvd - Published: 2020-11-02 07:15 - Updated: 2024-11-21 05:31
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250
References
product-security@qualcomm.comhttps://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletinBroken Link
nvd@nist.govhttps://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletinVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletinBroken Link
Impacted products
Vendor Product Version
qualcomm apq8009_firmware -
qualcomm apq8009 -
qualcomm apq8017_firmware -
qualcomm apq8017 -
qualcomm apq8053_firmware -
qualcomm apq8053 -
qualcomm apq8096au_firmware -
qualcomm apq8096au -
qualcomm apq8098_firmware -
qualcomm apq8098 -
qualcomm ipq4019_firmware -
qualcomm ipq4019 -
qualcomm ipq6018_firmware -
qualcomm ipq6018 -
qualcomm ipq8064_firmware -
qualcomm ipq8064 -
qualcomm ipq8074_firmware -
qualcomm ipq8074 -
qualcomm mdm9150_firmware -
qualcomm mdm9150 -
qualcomm mdm9206_firmware -
qualcomm mdm9206 -
qualcomm mdm9207c_firmware -
qualcomm mdm9207c -
qualcomm mdm9607_firmware -
qualcomm mdm9607 -
qualcomm mdm9640_firmware -
qualcomm mdm9640 -
qualcomm mdm9650_firmware -
qualcomm mdm9650 -
qualcomm msm8905_firmware -
qualcomm msm8905 -
qualcomm msm8909w_firmware -
qualcomm msm8909w -
qualcomm msm8953_firmware -
qualcomm msm8953 -
qualcomm msm8996au_firmware -
qualcomm msm8996au -
qualcomm qca6574au_firmware -
qualcomm qca6574au -
qualcomm qcs405_firmware -
qualcomm qcs405 -
qualcomm qcs610_firmware -
qualcomm qcs610 -
qualcomm qrb5165_firmware -
qualcomm qrb5165 -
qualcomm sc8180x_firmware -
qualcomm sc8180x -
qualcomm sda660_firmware -
qualcomm sda660 -
qualcomm sda845_firmware -
qualcomm sda845 -
qualcomm sdm429_firmware -
qualcomm sdm429 -
qualcomm sdm429w_firmware -
qualcomm sdm429w -
qualcomm sdm630_firmware -
qualcomm sdm630 -
qualcomm sdm632_firmware -
qualcomm sdm632 -
qualcomm sdm636_firmware -
qualcomm sdm636 -
qualcomm sdm660_firmware -
qualcomm sdm660 -
qualcomm sdm845_firmware -
qualcomm sdm845 -
qualcomm sdx20_firmware -
qualcomm sdx20 -
qualcomm sdx24_firmware -
qualcomm sdx24 -
qualcomm sdx55_firmware -
qualcomm sdx55 -
qualcomm sm8250_firmware -
qualcomm sm8250 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61BF93F-53DF-4399-AF41-45CEC1E0A2B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEDA6CA-A0FD-4A72-B856-C8E65AC86902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D29295A-7183-46BE-B4EE-F891D1C17ED9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B052615D-857A-46D4-9098-1CBFA14687C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19B59B60-A298-4A56-A45A-E34B7AAB43D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD17C0A3-A200-4659-968B-B2DA03CB683F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F31FFB-982A-4308-82F8-C2480DABDED8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13A7328A-89FB-4E9C-B4E3-D8097443FB7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "678A68E0-81D8-4562-826E-03872184256C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2F2D26-2833-45A4-81F0-8E9F338C1E13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB171B1-D163-4801-A241-8DD7193A5DCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A960B86A-C397-4ACB-AEE6-55F316D32949",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79B8959-3D1E-4B48-9181-D75FE90AAF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3CFA66A-CD2E-4670-A137-65E2C94C1A11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE52FE99-DF0D-4C57-BB9C-0B853D1AF58B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9765187-8653-4D66-B230-B2CE862AC5C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:msm8905_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9E095A-71DB-4386-827A-53846236AD00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:msm8905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E981922-BB71-46E0-96C4-4CF75DF221F6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE28A59C-7AA6-4B85-84E8-07852B96108E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DEE828B-09A7-4AC1-8134-491A7C87C118",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE4E0E39-0081-4261-8350-149E763AB462",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F76229-1A4A-4306-A4CC-C823A99F041A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5A18B-8C9E-4A38-B994-E3E2696BB83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B703667D-DE09-40AF-BA44-E0E56252A790",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89A1AAD0-9336-4657-8E1E-74E8F490C06E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qrb5165:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "386F2F37-974B-40F2-9B23-ABD49C60E32D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A45C1A-C921-42B5-9237-367245023B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C9D979-F214-4CD4-8CF9-43BC804BB179",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2326BD7-28A5-4244-8501-B109913E7AE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "022D7D87-F60F-4DD2-9E0B-A9DFD3D69B22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FA5777-1B35-4BD1-BB81-CB5DE62F3D56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFD2C9A-6C25-4B8F-BE64-DAD3DCCDEADD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DE61FCE-CA87-46E1-981D-B44697E54CB1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA0D645-80F6-48C3-AF0D-99198ADC8778",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "814FF3F3-CD5A-45A3-988C-6457D2CEB48C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A02E12AC-F845-4164-9D95-ACD7167B6DD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "321F7DE7-E6E9-449F-867B-04A9F53334B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F00D854-0AC7-415F-B19A-642CB9F72210",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F977B432-2709-4D75-AA3E-F440285B7BA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24D7B67C-6FEC-48F8-9D46-778E4528BC20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05006807-D961-446C-B8DC-C87507F1316E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED4B719-53B5-4D16-B3FA-ADE29D28ED86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D342C86B-E184-457C-9F72-BD853ED79425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CE1B23-6FE3-41C4-B264-C7A9E8BDBEC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "794BA13C-3C63-4695-AA45-676F85D904BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9BE864E-7B1E-44D5-A10A-60078095DE33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96DD6B48-2554-464D-A061-DBB4B8E00758",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC730C6-FB32-4566-AAE2-B2B261BA9411",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A432773-467F-492C-AA3A-ADF08A21FB3F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "u\u0027Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
    },
    {
      "lang": "es",
      "value": "Una ejecuci\u00f3n de c\u00f3digo remoto puede ocurrir mediante el env\u00edo de una consulta POST cuidadosamente dise\u00f1ada cuando una configuraci\u00f3n del Dispositivo es accedida desde un cliente conectado por medio del servidor web debido a una falta de comprobaci\u00f3n de limites de la matriz\u0026#xa0;en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026amp; Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking en versiones APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
    }
  ],
  "id": "CVE-2020-3657",
  "lastModified": "2024-11-21T05:31:30.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-02T07:15:14.450",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.