CVE-2020-3702

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-3702
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html Mailing List Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58 Third Party Advisory
https://www.debian.org/security/2021/dsa-4978 Third Party Advisory
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html Mailing List Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58 Third Party Advisory
https://www.debian.org/security/2021/dsa-4978 Third Party Advisory
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qcn5502_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5502:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*

Configuration 12 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:a:arista:access_point:*:*:*:*:*:*:*:*
OR cpe:2.3:h:arista:av2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:c75-e:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:o90e:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*

Configuration 14 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
History

21 Nov 2024, 05:31

Type Values Removed Values Added
References () https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html - Mailing List, Third Party Advisory
References () https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58 - Third Party Advisory () https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58 - Third Party Advisory
References () https://www.debian.org/security/2021/dsa-4978 - Third Party Advisory () https://www.debian.org/security/2021/dsa-4978 - Third Party Advisory
References () https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin - Vendor Advisory
Information

Published : 2020-09-08 10:15

Updated : 2024-11-21 05:31

NVD link : CVE-2020-3702

Mitre link : CVE-2020-3702

CVE.ORG link : CVE-2020-3702

JSON object : View

Products Affected

qualcomm

  • sm6150_firmware
  • apq8053
  • msm8909w
  • msm8909w_firmware
  • ipq8064_firmware
  • qcs405
  • sm7150_firmware
  • apq8053_firmware
  • qcs405_firmware
  • ipq4019
  • ipq8064
  • qca9531_firmware
  • sdx20
  • qcn5502_firmware
  • sdx20_firmware
  • msm8996au
  • sm7150
  • msm8996au_firmware
  • qca9531
  • ipq4019_firmware
  • sm6150
  • qcn5502

arista

  • c-75
  • o-90
  • c75-e
  • access_point
  • o90e
  • w-68
  • av2

debian

  • debian_linux
CWE
CWE-319

Cleartext Transmission of Sensitive Information


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024