CVE-2020-3626
First published: Mon Jun 01 2020(Updated: )
Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| qualcomm apq8053-ac firmware | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm APQ8096AU Firmware | ||
| Qualcomm APQ8096AU Firmware | ||
| qualcomm APQ8098 | ||
| Qualcomm 8098 | ||
| Qualcomm 8905 Firmware | ||
| Qualcomm 8905 | ||
| Qualcomm MSM8909W | ||
| Qualcomm Snapdragon 8909 | ||
| Qualcomm MSM8917 | ||
| Qualcomm MSM8917 Firmware | ||
| Qualcomm 8920 Firmware | ||
| Qualcomm 8920 | ||
| Qualcomm 8937 Firmware | ||
| qualcomm MSM8937 firmware | ||
| qualcomm MSM8940 firmware | ||
| Qualcomm 8940 | ||
| Qualcomm 8953 Firmware | ||
| Qualcomm MSM8953 Firmware | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm MSM8998 | ||
| Qualcomm 8998 | ||
| Qualcomm Nicobar | ||
| Qualcomm Nicobar | ||
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| Qualcomm ZZ QCS605 firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm 215 Firmware | ||
| Qualcomm 215 | ||
| Qualcomm Rennell | ||
| qualcomm Rennell firmware | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm SDA660 | ||
| Qualcomm SDA660 | ||
| Qualcomm SDM429W | ||
| Qualcomm SD429 | ||
| Qualcomm SDM429W | ||
| qualcomm SDM429W firmware | ||
| qualcomm SDM439 firmware | ||
| Qualcomm SDM439 Firmware | ||
| Qualcomm SD 450 Firmware | ||
| Qualcomm Snapdragon 450 | ||
| qualcomm SDM630 firmware | ||
| qualcomm SDM630 | ||
| Qualcomm SDM632 | ||
| Qualcomm SDM632 | ||
| Qualcomm SD 636 Firmware | ||
| Qualcomm SDM636 Firmware | ||
| Qualcomm SD660 Firmware | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SM8250 | ||
| Qualcomm qsm8250 | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
- https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin
- https://source.android.com/docs/security/bulletin/2020-06-01/#asterisk
- https://source.android.com/docs/security/bulletin/2020-06-01 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-3626.
What is the severity of CVE-2020-3626?
The severity of CVE-2020-3626 is rated as high with a severity value of 7.8.
What software is affected by CVE-2020-3626?
CVE-2020-3626 affects various software including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables.
How can I fix CVE-2020-3626?
To fix CVE-2020-3626, it is recommended to apply the security patches provided by the vendor and update the affected software.
Where can I find more information about CVE-2020-3626?
You can find more information about CVE-2020-3626 in the Android Security Bulletin for June 2020 as well as the Qualcomm June 2020 Bulletin.
- agent/references
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm apq8053-ac firmware
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8096au firmware
- canonical/qualcomm apq8098
- canonical/qualcomm 8098
- canonical/qualcomm 8905 firmware
- canonical/qualcomm 8905
- canonical/qualcomm msm8909w
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm msm8917
- canonical/qualcomm msm8917 firmware
- canonical/qualcomm 8920 firmware
- canonical/qualcomm 8920
- canonical/qualcomm 8937 firmware
- canonical/qualcomm msm8937 firmware
- canonical/qualcomm msm8940 firmware
- canonical/qualcomm 8940
- canonical/qualcomm 8953 firmware
- canonical/qualcomm msm8953 firmware
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm msm8998
- canonical/qualcomm 8998
- canonical/qualcomm nicobar
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm zz qcs605 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm 215 firmware
- canonical/qualcomm 215
- canonical/qualcomm rennell
- canonical/qualcomm rennell firmware
- canonical/qualcomm saipan firmware
- canonical/qualcomm sda660
- canonical/qualcomm sdm429w
- canonical/qualcomm sd429
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sd 450 firmware
- canonical/qualcomm snapdragon 450
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sdm630
- canonical/qualcomm sdm632
- canonical/qualcomm sd 636 firmware
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sd660 firmware
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sda/sdm845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sm8250
- canonical/qualcomm qsm8250
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130