Low severity3.5NVD Advisory· Published Nov 10, 2024· Updated Apr 15, 2026

CVE-2020-10368

Description

Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack.

Patches

8445a53ce2c5

Second Spectra fix for CYW43455 (CVE-2020-10370)

https://github.com/rpi-distro/bluez-firmwarePhil ElwellJan 26, 2021via osv

commit

1 file changed · +0 −0

broadcom/BCM4345C0.hcd+0 −0 modified

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

bugzilla.redhat.com/show_bug.cginvd
github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37anvd
www.informatik.tu-darmstadt.de/fb20/aktuelles_fb20/fb20_neuigkeiten/neuigkeiten_fb20_details_203136.de.jspnvd
www.informatik.tu-darmstadt.de/seemoo/team_seemoo/jiska_classen/index.en.jspnvd

News mentions

No linked articles in our index yet.

cvss	0.227
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000