CVE-2020-3693

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130

Description The issue is related to an out of range pointer problem due to an incorrect buffer range check during the execution of qseecom. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables.

Recommendations For APQ8009, consider disabling the qseecom execution until a patch is available. For APQ8017, restrict access to the vulnerable module to minimize the risk of exploitation. For APQ8053, avoid using the vulnerable buffer range check in the affected execution until the issue is resolved. For APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130, at the moment, there is no information about a newer version that contains a fix for this vulnerability.