CVE-2020-3693: Buffer Overflow
First published: Mon Nov 02 2020(Updated: )
u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm Apq8009 | ||
| Google Android | ||
| Qualcomm Apq8017 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Apq8098 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Msm8996au | ||
| Google Android | ||
| Qualcomm Nicobar | ||
| Qualcomm Qcm2150 Firmware | ||
| Google Android | ||
| Qualcomm Qcs605 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sdm429w Firmware | ||
| Qualcomm Sdm429w | ||
| Google Android | ||
| Qualcomm Sdx20 | ||
| Google Android | ||
| Qualcomm Sm6150 | ||
| Qualcomm Sm8150 Firmware | ||
| Qualcomm Sm8150 | ||
| Qualcomm Sm8250 Firmware | ||
| Qualcomm SM8250 | ||
| Qualcomm Sxr2130 Firmware | ||
| Qualcomm Sxr2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3693?
The severity of CVE-2020-3693 is high with a score of 7.8.
Which devices are affected by CVE-2020-3693?
Devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables with specific firmware versions are affected.
How can CVE-2020-3693 be exploited?
CVE-2020-3693 can be exploited by triggering a use out of range pointer issue during the execution of qseecom.
Are Qualcomm Apq8009, Qualcomm Apq8017, and Qualcomm Apq8053 affected by CVE-2020-3693?
Qualcomm Apq8009, Qualcomm Apq8017, and Qualcomm Apq8053 are affected by CVE-2020-3693.
Where can I find more information about CVE-2020-3693?
You can find more information about CVE-2020-3693 on the Qualcomm Product Security Bulletins for October 2020.
- collector/nvd-index
- agent/tags
- agent/severity
- agent/type
- agent/author
- agent/weakness
- agent/event
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm apq8009
- canonical/qualcomm apq8017
- canonical/qualcomm apq8098
- canonical/qualcomm msm8996au
- canonical/qualcomm nicobar
- canonical/qualcomm qcm2150 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm429w
- canonical/qualcomm sdx20
- canonical/qualcomm sm6150
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130