Lucene search

QualcommCVE-2021-1928

HistorySep 08, 2021 - 12:15 p.m.

CVE-2021-1928

2021-09-0812:15:08

CWE-125

qualcomm

web.nvd.nist.gov

cve-2021-1928

buffer over read

emmc flashing

snapdragon connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon voice & music

snapdragon wearables

snapdragon wired infrastructure

networking

nvd

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

6.1

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Affected configurations

Nvd

Node

qualcommapq8009Match-

AND

qualcommapq8009_firmwareMatch-

Node

qualcommapq8053Match-

AND

qualcommapq8053_firmwareMatch-

Node

qualcommar9380Match-

AND

qualcommar9380_firmwareMatch-

Node

qualcommcsr8811Match-

AND

qualcommcsr8811_firmwareMatch-

Node

qualcommipq4018Match-

AND

qualcommipq4018_firmwareMatch-

Node

qualcommipq4019Match-

AND

qualcommipq4019_firmwareMatch-

Node

qualcommipq4028Match-

AND

qualcommipq4028_firmwareMatch-

Node

qualcommipq4029Match-

AND

qualcommipq4029_firmwareMatch-

Node

qualcommipq5010_firmwareMatch-

AND

qualcommipq5010Match-

Node

qualcommipq5018_firmwareMatch-

AND

qualcommipq5018Match-

Node

qualcommipq6000_firmwareMatch-

AND

qualcommipq6000Match-

Node

qualcommipq6005_firmwareMatch-

AND

qualcommipq6005Match-

Node

qualcommipq6010_firmwareMatch-

AND

qualcommipq6010Match-

Node

qualcommipq6018_firmwareMatch-

AND

qualcommipq6018Match-

Node

qualcommipq6028_firmwareMatch-

AND

qualcommipq6028Match-

Node

qualcommipq8064_firmwareMatch-

AND

qualcommipq8064Match-

Node

qualcommipq8065_firmwareMatch-

AND

qualcommipq8065Match-

Node

qualcommipq8068_firmwareMatch-

AND

qualcommipq8068Match-

Node

qualcommipq8069_firmwareMatch-

AND

qualcommipq8069Match-

Node

qualcommipq8070_firmwareMatch-

AND

qualcommipq8070Match-

Node

qualcommipq8070a_firmwareMatch-

AND

qualcommipq8070aMatch-

Node

qualcommipq8071_firmwareMatch-

AND

qualcommipq8071Match-

Node

qualcommipq8071a_firmwareMatch-

AND

qualcommipq8071aMatch-

Node

qualcommipq8072_firmwareMatch-

AND

qualcommipq8072Match-

Node

qualcommipq8072a_firmwareMatch-

AND

qualcommipq8072aMatch-

Node

qualcommipq8074_firmwareMatch-

AND

qualcommipq8074Match-

Node

qualcommipq8074a_firmwareMatch-

AND

qualcommipq8074aMatch-

Node

qualcommipq8076_firmwareMatch-

AND

qualcommipq8076Match-

Node

qualcommipq8076a_firmwareMatch-

AND

qualcommipq8076aMatch-

Node

qualcommipq8078_firmwareMatch-

AND

qualcommipq8078Match-

Node

qualcommipq8078a_firmwareMatch-

AND

qualcommipq8078aMatch-

Node

qualcommipq8173_firmwareMatch-

AND

qualcommipq8173Match-

Node

qualcommipq8174_firmwareMatch-

AND

qualcommipq8174Match-

Node

qualcommmdm9206_firmwareMatch-

AND

qualcommmdm9206Match-

Node

qualcommpmp8074_firmwareMatch-

AND

qualcommpmp8074Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqca6310_firmwareMatch-

AND

qualcommqca6310Match-

Node

qualcommqca6320_firmwareMatch-

AND

qualcommqca6320Match-

Node

qualcommqca6335_firmwareMatch-

AND

qualcommqca6335Match-

Node

qualcommqca6428_firmwareMatch-

AND

qualcommqca6428Match-

Node

qualcommqca6438_firmwareMatch-

AND

qualcommqca6438Match-

Node

qualcommqca6694_firmwareMatch-

AND

qualcommqca6694Match-

Node

qualcommqca7500_firmwareMatch-

AND

qualcommqca7500Match-

Node

qualcommqca8072_firmwareMatch-

AND

qualcommqca8072Match-

Node

qualcommqca8075_firmwareMatch-

AND

qualcommqca8075Match-

Node

qualcommqca8081_firmwareMatch-

AND

qualcommqca8081Match-

Node

qualcommqca9367_firmwareMatch-

AND

qualcommqca9367Match-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqca9531_firmwareMatch-

AND

qualcommqca9531Match-

Node

qualcommqca9558_firmwareMatch-

AND

qualcommqca9558Match-

Node

qualcommqca9561_firmwareMatch-

AND

qualcommqca9561Match-

Node

qualcommqca9563_firmwareMatch-

AND

qualcommqca9563Match-

Node

qualcommqca9880_firmwareMatch-

AND

qualcommqca9880Match-

Node

qualcommqca9882_firmwareMatch-

AND

qualcommqca9882Match-

Node

qualcommqca9886_firmwareMatch-

AND

qualcommqca9886Match-

Node

qualcommqca9887_firmwareMatch-

AND

qualcommqca9887Match-

Node

qualcommqca9888_firmwareMatch-

AND

qualcommqca9888Match-

Node

qualcommqca9889_firmwareMatch-

AND

qualcommqca9889Match-

Node

qualcommqca9896_firmwareMatch-

AND

qualcommqca9896Match-

Node

qualcommqca9898_firmwareMatch-

AND

qualcommqca9898Match-

Node

qualcommqca9980_firmwareMatch-

AND

qualcommqca9980Match-

Node

qualcommqca9982_firmwareMatch-

AND

qualcommqca9982Match-

Node

qualcommqca9984_firmwareMatch-

AND

qualcommqca9984Match-

Node

qualcommqca9985_firmwareMatch-

AND

qualcommqca9985Match-

Node

qualcommqca9990_firmwareMatch-

AND

qualcommqca9990Match-

Node

qualcommqca9992_firmwareMatch-

AND

qualcommqca9992Match-

Node

qualcommqca9994_firmwareMatch-

AND

qualcommqca9994Match-

Node

qualcommqcn5021_firmwareMatch-

AND

qualcommqcn5021Match-

Node

qualcommqcn5022_firmwareMatch-

AND

qualcommqcn5022Match-

Node

qualcommqcn5024_firmwareMatch-

AND

qualcommqcn5024Match-

Node

qualcommqcn5052_firmwareMatch-

AND

qualcommqcn5052Match-

Node

qualcommqcn5054_firmwareMatch-

AND

qualcommqcn5054Match-

Node

qualcommqcn5064_firmwareMatch-

AND

qualcommqcn5064Match-

Node

qualcommqcn5121_firmwareMatch-

AND

qualcommqcn5121Match-

Node

qualcommqcn5122_firmwareMatch-

AND

qualcommqcn5122Match-

Node

qualcommqcn5124_firmwareMatch-

AND

qualcommqcn5124Match-

Node

qualcommqcn5152_firmwareMatch-

AND

qualcommqcn5152Match-

Node

qualcommqcn5154_firmwareMatch-

AND

qualcommqcn5154Match-

Node

qualcommqcn5164_firmwareMatch-

AND

qualcommqcn5164Match-

Node

qualcommqcn5500_firmwareMatch-

AND

qualcommqcn5500Match-

Node

qualcommqcn5502_firmwareMatch-

AND

qualcommqcn5502Match-

Node

qualcommqcn5550_firmwareMatch-

AND

qualcommqcn5550Match-

Node

qualcommqcn6023_firmwareMatch-

AND

qualcommqcn6023Match-

Node

qualcommqcn6024_firmwareMatch-

AND

qualcommqcn6024Match-

Node

qualcommqcn9000_firmwareMatch-

AND

qualcommqcn9000Match-

Node

qualcommqcn9012_firmwareMatch-

AND

qualcommqcn9012Match-

Node

qualcommqcn9022_firmwareMatch-

AND

qualcommqcn9022Match-

Node

qualcommqcn9024_firmwareMatch-

AND

qualcommqcn9024Match-

Node

qualcommqcn9070_firmwareMatch-

AND

qualcommqcn9070Match-

Node

qualcommqcn9072_firmwareMatch-

AND

qualcommqcn9072Match-

Node

qualcommqcn9074_firmwareMatch-

AND

qualcommqcn9074Match-

Node

qualcommqcn9100_firmwareMatch-

AND

qualcommqcn9100Match-

Node

qualcommqfe1922_firmwareMatch-

AND

qualcommqfe1922Match-

Node

qualcommqfe1952_firmwareMatch-

AND

qualcommqfe1952Match-

Node

qualcommqualcomm215_firmwareMatch-

AND

qualcommqualcomm215Match-

Node

qualcommsd205_firmwareMatch-

AND

qualcommsd205Match-

Node

qualcommsd210_firmwareMatch-

AND

qualcommsd210Match-

Node

qualcommsda429w_firmwareMatch-

AND

qualcommsda429wMatch-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9330_firmwareMatch-

AND

qualcommwcd9330Match-

Node

qualcommwcd9340_firmwareMatch-

AND

qualcommwcd9340Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3620_firmwareMatch-

AND

qualcommwcn3620Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

VendorProductVersionCPE
qualcommapq8009-cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
qualcommapq8009_firmware-cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
qualcommapq8053-cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
qualcommapq8053_firmware-cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
qualcommar9380-cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*
qualcommar9380_firmware-cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*
qualcommcsr8811-cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*
qualcommcsr8811_firmware-cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
qualcommipq4018-cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*
qualcommipq4018_firmware-cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8009	-	cpe:2.3:h:qualcomm:apq8009:-:::::::*
qualcomm	apq8009_firmware	-	cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::*
qualcomm	apq8053	-	cpe:2.3:h:qualcomm:apq8053:-:::::::*
qualcomm	apq8053_firmware	-	cpe:2.3:o:qualcomm:apq8053_firmware:-:::::::*
qualcomm	ar9380	-	cpe:2.3:h:qualcomm:ar9380:-:::::::*
qualcomm	ar9380_firmware	-	cpe:2.3:o:qualcomm:ar9380_firmware:-:::::::*
qualcomm	csr8811	-	cpe:2.3:h:qualcomm:csr8811:-:::::::*
qualcomm	csr8811_firmware	-	cpe:2.3:o:qualcomm:csr8811_firmware:-:::::::*
qualcomm	ipq4018	-	cpe:2.3:h:qualcomm:ipq4018:-:::::::*
qualcomm	ipq4018_firmware	-	cpe:2.3:o:qualcomm:ipq4018_firmware:-:::::::*

Rows per page:

1-10 of 2161

CNA Affected

[
  {
    "product": "Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009, APQ8053, AR9380, CSR8811, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9206, PMP8074, QCA4024, QCA6310, QCA6320, QCA6335, QCA6428, QCA6438, QCA6694, QCA7500, QCA8072, QCA8075, QCA8081, QCA9367, QCA9377, QCA9531, QCA9558, QCA9561, QCA9563, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9896, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9990, QCA9992, QCA9994, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5500, QCN5502, QCN5550, QCN6023, QCN6024, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QFE1922, QFE1952, Qualcomm215, SD205, SD210, SDA429W, WCD9326, WCD9330, WCD9340, WCN3610, WCN3620, WCN3660B, WCN3680B, WCN3980, WSA8810, WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

6.1

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

Related for CVE-2021-1928