Vulnerabilities > CVE-2020-3648 - Out-of-bounds Write vulnerability in Qualcomm Msm8909W Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-787

NVD

Published: 2020-09-08

Updated: 2021-07-21

Summary

u'Possible out of bound write in DSP driver code due to lack of check of data received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Msm8909W Firmware -	1
Hardware	Qualcomm Qualcomm Msm8909W -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin