PT-2024-10762 · Broadcom+1 · Broadcom Wireless Combo Chips+1

Francesco Gringoli

Published

2024-11-10

Updated

2024-11-26

CVE-2020-10369

CVSS v3.1

5.5

Medium

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Cypress (and Broadcom) Wireless Combo chips versions prior to the January 2021 firmware update

Description The issue allows inferences about memory content via a "Spectra" attack when a January 2021 firmware update is not present. This affects certain Cypress (and Broadcom) Wireless Combo chips.

Recommendations For Cypress (and Broadcom) Wireless Combo chips versions prior to the January 2021 firmware update, apply the January 2021 firmware update to mitigate the risk of exploitation.

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-203

Related Identifiers

CVE-2020-10369

Affected Products

Broadcom Wireless Combo Chips

Cypress Wireless Combo Chips

PT-2024-10762 · Broadcom+1 · Broadcom Wireless Combo Chips+1

CVE-2020-10369

Weakness Enumeration

Related Identifiers

Affected Products

References · 15