CVE-2020-3645
First published: Mon May 04 2020(Updated: )
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm IPQ6018 Firmware | ||
| Qualcomm IPQ6018 Firmware | ||
| Qualcomm IPQ8074 Firmware | ||
| Qualcomm IPQ8074A | ||
| Qualcomm Kamorta | ||
| qualcomm Kamorta firmware | ||
| Qualcomm Nicobar | ||
| Qualcomm Nicobar | ||
| Qualcomm QCA6390 Firmware | ||
| Qualcomm QCA6390 Firmware | ||
| Qualcomm QCA8081 firmware | ||
| Qualcomm QCA8081 firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm Rennell | ||
| qualcomm Rennell firmware | ||
| Qualcomm SC7180P Firmware | ||
| Qualcomm SC7180 | ||
| qualcomm SC8180X firmware | ||
| Qualcomm SC8180X | ||
| Qualcomm SD845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm Snapdragon 850 Firmware | ||
| Qualcomm SD850 | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 | ||
| Qualcomm QCN7605 Firmware | ||
| Qualcomm QCN7605 Firmware | ||
| Qualcomm ZZ QCS605 firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-3645?
CVE-2020-3645 is a vulnerability in Snapdragon processors that can cause the firmware to crash if the encrypted data length in FILS IE of a reassoc response is more than 528 bytes.
What software is affected by CVE-2020-3645?
The affected software includes Google Android and various Qualcomm firmware versions such as IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCS404, QCS405, Rennell, SC7180, SC8180x, SDA845, SDM670, SDM710, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130, QCN7605, QCS605, and SDM845.
What is the severity of CVE-2020-3645?
CVE-2020-3645 has a severity rating of high, with a CVSS score of 7.5.
How can I fix CVE-2020-3645?
To fix CVE-2020-3645, users are advised to apply the necessary firmware updates provided by Qualcomm and follow the recommendations outlined in the Qualcomm security bulletin.
Where can I find more information about CVE-2020-3645?
More information about CVE-2020-3645 can be found in the Qualcomm security bulletin and the Android security bulletin for May 2020.
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm ipq6018 firmware
- canonical/qualcomm ipq8074 firmware
- canonical/qualcomm ipq8074a
- canonical/qualcomm kamorta
- canonical/qualcomm kamorta firmware
- canonical/qualcomm nicobar
- canonical/qualcomm qca6390 firmware
- canonical/qualcomm qca8081 firmware
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm rennell
- canonical/qualcomm rennell firmware
- canonical/qualcomm sc7180p firmware
- canonical/qualcomm sc7180
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sd845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm snapdragon 850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130
- canonical/qualcomm qcn7605 firmware
- canonical/qualcomm zz qcs605 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm sda/sdm845 firmware