PT-2024-10760
Francesco Gringoli
Published: 2024-11-10 · Updated: 2024-11-26
CVE-2020-10367
CVSS v3.1: 5.5 (Medium)
Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
Cypress (and Broadcom) Wireless Combo chips versions prior to January 2021 firmware update
Raspberry Pi devices (affected versions not specified)
BlueZ firmware (affected versions not specified)
Apple products (affected versions not specified)
Broadcom NAN (affected versions not specified)
Cypress nan (affected versions not specified)
Red Hat products (affected versions not specified)
Broadcom products (affected versions not specified)
High fitness trackers (affected versions not specified)
Description
The issue allows memory access via a "Spectra" attack on Cypress (and Broadcom) Wireless Combo chips that lack the January 2021 firmware update. Users are urged to update to the latest patches and follow the recommended remediation steps.
Recommendations
For Cypress (and Broadcom) Wireless Combo chips, update to the January 2021 firmware or later.
For Raspberry Pi devices, update to the latest patches and follow recommended remediation steps.
For BlueZ firmware, update to the latest firmware available.
For Apple products, update to the latest software to mitigate risks.
For Broadcom NAN, apply the latest patches and updates to mitigate potential threats.
For Cypress nan, update to the latest version and apply all recommended patches.
For Red Hat products, ensure systems are updated and patched to mitigate potential threats.
For Broadcom products, update to the latest patches and follow remediation guidelines to safeguard environments.
For high fitness trackers, update devices immediately and follow the manufacturer's remediation guidelines to ensure safety.
At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected products.
Fix
Side Channel Attack
Weakness Enumeration
Related Identifiers
Affected Products
[Product]
Broadcom Nan
Broadcom Products
Cypress Wireless Combo Chips
Cypress Nan
Raspberry Pi
Red Hat Products