What are the implications of CVE-2020-3703?

CVE-2020-3703 can lead to a buffer over-read issue in Bluetooth peripheral firmware, potentially exposing sensitive information.

How do I mitigate the effects of CVE-2020-3703?

To mitigate CVE-2020-3703, it is recommended to update the firmware of affected Qualcomm devices to the latest version that addresses this vulnerability.

What devices are affected by CVE-2020-3703?

CVE-2020-3703 affects various Qualcomm firmware models including APQ8053, APQ8076, and Ar9344 among others.

What types of vulnerabilities are similar to CVE-2020-3703?

CVE-2020-3703 is equivalent to vulnerabilities such as Link Layer Length Overflow (CVE-2019-16336, CVE-2019-17519) and Silent Length Overflow (CVE-2019-17518).

What is the severity rating of CVE-2020-3703?

CVE-2020-3703 has been classified as a moderate severity vulnerability due to its potential impact on device security.

Vulnerability/
CVE-2020-3703

critical

9.8

CWE

125 20

5/10/2020

2/11/2020

26/8/2024

CVE-2020-3703: Input Validation

First published: Mon Oct 05 2020(Updated: )

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
qualcomm apq8053-ac firmware
Qualcomm APQ8053 Firmware
qualcomm apq8076 firmware
Qualcomm APQ8076
Qualcomm AR9344
Qualcomm AR9344 Firmware
Qualcomm Bitra
Qualcomm Bitra Firmware
Qualcomm Kamorta
qualcomm Kamorta firmware
Qualcomm MDM9206
Qualcomm MDM9206 firmware
qualcomm MDM9207C firmware
Qualcomm 9207 LTE Modem
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm 8905 Firmware
Qualcomm 8905
Qualcomm MSM8917
Qualcomm MSM8917 Firmware
Qualcomm 8937 Firmware
qualcomm MSM8937 firmware
qualcomm MSM8940 firmware
Qualcomm 8940
Qualcomm 8953 Firmware
Qualcomm MSM8953 Firmware
Qualcomm Nicobar
Qualcomm Nicobar
Qualcomm QCA6174A Firmware
Qualcomm QCA6174A Firmware
Qualcomm QCA9377 Firmware
Qualcomm QCA9377 Firmware
Qualcomm QCM2150
Qualcomm QCM2150 Firmware
Qualcomm QCM6125
Qualcomm qcm6125 firmware
Qualcomm QCS404 Firmware
Qualcomm QCS404 Firmware
Qualcomm QCS405 Firmware
Qualcomm QCS405 Firmware
Qualcomm ZZ QCS605 firmware
Qualcomm QCS605 Firmware
Qualcomm QCS610 Firmware
Qualcomm QCS610 Firmware
Qualcomm 215 Firmware
Qualcomm 215
Qualcomm Rennell
qualcomm Rennell firmware
qualcomm SC8180X firmware
Qualcomm SC8180X
Qualcomm SDM429W
Qualcomm SD429
qualcomm SDM439 firmware
Qualcomm SDM439 Firmware
Qualcomm SD 450 Firmware
Qualcomm Snapdragon 450
qualcomm SDM630 firmware
qualcomm SDM630
Qualcomm SDM632
Qualcomm SDM632
Qualcomm SD 636 Firmware
Qualcomm SDM636 Firmware
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
Qualcomm SD 670 Firmware
Qualcomm SDM670 Firmware
Qualcomm SD710 Firmware
Qualcomm Snapdragon 710
Qualcomm SDA/SDM845 Firmware
Qualcomm Snapdragon 845
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware
Qualcomm SDX24
Qualcomm SDX24
qualcomm SM6150P firmware
Qualcomm SM6150P
qualcomm SM7150 firmware
qualcomm SM7150 firmware
Qualcomm SM8150P Firmware
Qualcomm SM8150 Fusion
Qualcomm SXR1130
Qualcomm SXR1130 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What are the implications of CVE-2020-3703?
CVE-2020-3703 can lead to a buffer over-read issue in Bluetooth peripheral firmware, potentially exposing sensitive information.
How do I mitigate the effects of CVE-2020-3703?
To mitigate CVE-2020-3703, it is recommended to update the firmware of affected Qualcomm devices to the latest version that addresses this vulnerability.
What devices are affected by CVE-2020-3703?
CVE-2020-3703 affects various Qualcomm firmware models including APQ8053, APQ8076, and Ar9344 among others.
What types of vulnerabilities are similar to CVE-2020-3703?
CVE-2020-3703 is equivalent to vulnerabilities such as Link Layer Length Overflow (CVE-2019-16336, CVE-2019-17519) and Silent Length Overflow (CVE-2019-17518).
What is the severity rating of CVE-2020-3703?
CVE-2020-3703 has been classified as a moderate severity vulnerability due to its potential impact on device security.