{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T11:17:57.277","vulnerabilities":[{"cve":{"id":"CVE-2020-3640","sourceIdentifier":"product-security@qualcomm.com","published":"2020-09-08T10:15:15.483","lastModified":"2026-06-17T03:18:46.067","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130"},{"lang":"es","value":"Un cambio de tamaño del encabezado usage table antes de aprobar todas las comprobaciones conlleva a que la función salga con un usage table en estado no válido cuando un adversario de HLOS llama a la función con una entrada errónea en los productos Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking en versiones Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking","versions":[{"version":"Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:bitra_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"237CFDBE-F6BB-4D59-9A7D-8E1AF9FF4E70"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:bitra:-:*:*:*:*:*:*:*","matchCriteriaId":"CEA4D618-EC35-4458-BF22-7907CCBD90B2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:kamorta_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C17D128-D249-463B-B21B-F5B01265726A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:kamorta:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECFB565-9C4D-4F58-AD4E-283276688F00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs404_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A2F7E6B-D499-4698-A203-A12725E51DFF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs404:-:*:*:*:*:*:*:*","matchCriteriaId":"B172AA65-B693-48DF-9D5A-7BB6FCC4A2A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E634F59C-6817-4898-A141-082044E66836"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*","matchCriteriaId":"29762819-EC90-499C-A8C6-1423DE3FE6B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D49376E9-D31E-4E84-9401-45859263F26C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:*","matchCriteriaId":"B6D66742-81FA-46D6-B7A2-5460923D81A8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:saipan_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41BF2712-4559-4C5E-937D-74DE969A7BE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:saipan:-:*:*:*:*:*:*:*","matchCriteriaId":"5FE6662E-D919-497B-81B4-3F442201D730"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc7180_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"792A18B7-E775-4AF4-A8C4-D434400317B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc7180:-:*:*:*:*:*:*:*","matchCriteriaId":"B5170B38-0976-49BB-A916-5BE44C567218"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E93FB34B-3674-404D-9687-E092E9A246AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*","matchCriteriaId":"F3FF5A9A-A34A-499C-B6E0-D67B496C5454"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8ABE492A-3755-4969-9DEB-4B85EBB84644"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*","matchCriteriaId":"E3D3787B-6ACC-4591-B041-01307ED66C36"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F63A748F-2236-4486-83F1-DE4BCBE5D56D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*","matchCriteriaId":"184F3DFC-27E8-48AC-B46C-C589DBCBF030"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC730C6-FB32-4566-AAE2-B2B261BA9411"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*","matchCriteriaId":"5A432773-467F-492C-AA3A-ADF08A21FB3F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*","matchCriteriaId":"95762B01-2762-45BD-8388-5DB77EA6139C"}]}]}],"references":[{"url":"https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin","source":"product-security@qualcomm.com","tags":["Broken Link"]},{"url":"https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin","source":"nvd@nist.gov","tags":["Vendor Advisory"]},{"url":"https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}}]}