CVE-2020-10369: Medium severity Cypress Wireless Combo chips vulnerability
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a "Spectra" attack.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2020-10369?
CVE-2020-10369 is classified as a moderate severity vulnerability due to the potential for information leakage through a Spectra attack.
How do I fix CVE-2020-10369?
To mitigate CVE-2020-10369, ensure that the January 2021 firmware update is applied to your Cypress or Broadcom Wireless Combo chips.
What is a Spectra attack related to CVE-2020-10369?
A Spectra attack, in the context of CVE-2020-10369, is a side-channel attack that allows an attacker to infer information about the memory content of affected devices.
What devices are affected by CVE-2020-10369?
CVE-2020-10369 affects certain Cypress and Broadcom Wireless Combo chips that lack specific firmware updates.
Is CVE-2020-10369 being actively exploited?
As of the latest information, there have been no widely reported active exploits for CVE-2020-10369.