Vulnerability Details CVE-2020-3702
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
References
- https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58
- https://www.debian.org/security/2021/dsa-4978
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58
- https://www.debian.org/security/2021/dsa-4978
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
Products affected by CVE-2020-3702
-
cpe:2.3:a:arista:access_point:*
-
cpe:2.3:h:arista:av2:-
-
cpe:2.3:h:arista:c-75:-
-
cpe:2.3:h:arista:c75-e:-
-
cpe:2.3:h:arista:o-90:-
-
cpe:2.3:h:arista:o90e:-
-
cpe:2.3:h:arista:w-68:-
-
cpe:2.3:h:qualcomm:apq8053:-
-
cpe:2.3:h:qualcomm:ipq4019:-
-
cpe:2.3:h:qualcomm:ipq8064:-
-
cpe:2.3:h:qualcomm:msm8909w:-
-
cpe:2.3:h:qualcomm:msm8996au:-
-
cpe:2.3:h:qualcomm:qca9531:-
-
cpe:2.3:h:qualcomm:qcn5502:-
-
cpe:2.3:h:qualcomm:qcs405:-
-
cpe:2.3:h:qualcomm:sdx20:-
-
cpe:2.3:h:qualcomm:sm6150:-
-
cpe:2.3:h:qualcomm:sm7150:-
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:qualcomm:apq8053_firmware:-
-
cpe:2.3:o:qualcomm:ipq4019_firmware:-
-
cpe:2.3:o:qualcomm:ipq8064_firmware:-
-
cpe:2.3:o:qualcomm:msm8909w_firmware:-
-
cpe:2.3:o:qualcomm:msm8996au_firmware:-
-
cpe:2.3:o:qualcomm:qca9531_firmware:-
-
cpe:2.3:o:qualcomm:qcn5502_firmware:-
-
cpe:2.3:o:qualcomm:qcs405_firmware:-
-
cpe:2.3:o:qualcomm:sdx20_firmware:-
-
cpe:2.3:o:qualcomm:sm6150_firmware:-
-
cpe:2.3:o:qualcomm:sm7150_firmware:-