Nicobar firmware

This hub aggregates every CVE we track for Nicobar firmware, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Nicobar firmware.

• CVE-2020-3704u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent t...7.5Nov 2, 2020
• CVE-2020-3703u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overf...9.8Nov 2, 2020
• CVE-2020-3694u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music i...7.8Nov 2, 2020
• CVE-2020-3693u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industri...7.8Nov 2, 2020
• CVE-2020-3692u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Com...9.8Nov 2, 2020
• CVE-2020-3690u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT...7.8Nov 2, 2020
• CVE-2020-3684u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, ...7.8Nov 2, 2020
• CVE-2020-3673u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdr...9.8Nov 2, 2020
• CVE-2020-3670u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute...9.1Nov 2, 2020
• CVE-2020-3654u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdr...9.8Nov 2, 2020
• CVE-2020-11173u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrag...7.0Nov 2, 2020
• CVE-2020-11164u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT,...7.8Nov 2, 2020
• CVE-2020-11162u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap...7.8Nov 2, 2020
• CVE-2020-11125u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag...7.8Nov 2, 2020
• CVE-2020-3679u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Sna...5.5Sep 9, 2020