Bitra Firmware
CVE-2020-3679
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
AnalysisAI
u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 Affected products include: Qualcomm Bitra Firmware, Qualcomm Kamorta Firmware, Qualcomm Nicobar Firmware, Qualcomm Qcs404 Firmware, Qualcomm Qcs610 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Bitra Firmware
View allu'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode r
u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check
u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying int
u'Possible out of bound write while processing association response received from host due to lack of check of IE length
u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapd
u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snap
u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdrag
u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader
u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper a
u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdra
u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access c
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI devic
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today