CVE-2020-10367: Medium severity Cypress Wireless Combo chips vulnerability
Published Nov 10, 2024
·Updated
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack.
Affected Software
2 affected components
Cypress Wireless Combo chips
Broadcom Wireless Combo chips
Event History
Nov 10, 2024
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·11:15 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2020-10367?
CVE-2020-10367 is classified as a medium severity vulnerability due to the potential for memory access through a Spectra attack.
2
How do I fix CVE-2020-10367?
To mitigate CVE-2020-10367, ensure that the January 2021 firmware update is applied to affected Cypress or Broadcom Wireless Combo chips.
3
What types of chips are affected by CVE-2020-10367?
CVE-2020-10367 affects certain Cypress and Broadcom Wireless Combo chips.
4
Can CVE-2020-10367 lead to system exploitation?
Yes, CVE-2020-10367 can potentially lead to exploitation if the vulnerability is not addressed, allowing unauthorized memory access.
5
Is CVE-2020-10367 a hardware or software vulnerability?
CVE-2020-10367 is primarily a hardware vulnerability impacting the firmware of specific wireless combo chips.