Lucene search

[email protected]CVE-2021-30289

HistoryJan 03, 2022 - 8:15 a.m.

CVE-2021-30289

2022-01-0308:15:08

CWE-119

[email protected]

web.nvd.nist.gov

cve-2021-30289

buffer overflow

range check

diag command

coex management

snapdragon auto

snapdragon compute

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon voice & music

snapdragon wearables

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected configurations

NVD

Node

qualcommapq8009w_firmwareMatch-

AND

qualcommapq8009wMatch-

Node

qualcommapq8017_firmwareMatch-

AND

qualcommapq8017Match-

Node

qualcommapq8096au_firmwareMatch-

AND

qualcommapq8096auMatch-

Node

qualcommaqt1000_firmwareMatch-

AND

qualcommaqt1000Match-

Node

qualcommcsrb31024_firmwareMatch-

AND

qualcommcsrb31024Match-

Node

qualcommfsm10055_firmwareMatch-

AND

qualcommfsm10055Match-

Node

qualcommfsm10056_firmwareMatch-

AND

qualcommfsm10056Match-

Node

qualcommmdm8207_firmwareMatch-

AND

qualcommmdm8207Match-

Node

qualcommmdm9150_firmwareMatch-

AND

qualcommmdm9150Match-

Node

qualcommmdm9205_firmwareMatch-

AND

qualcommmdm9205Match-

Node

qualcommmdm9206_firmwareMatch-

AND

qualcommmdm9206Match-

Node

qualcommmdm9207_firmwareMatch-

AND

qualcommmdm9207Match-

Node

qualcommmdm9250_firmwareMatch-

AND

qualcommmdm9250Match-

Node

qualcommmdm9607_firmwareMatch-

AND

qualcommmdm9607Match-

Node

qualcommmdm9628_firmwareMatch-

AND

qualcommmdm9628Match-

Node

qualcommmdm9640_firmwareMatch-

AND

qualcommmdm9640Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

Node

qualcommmsm8996au_firmwareMatch-

AND

qualcommmsm8996auMatch-

Node

qualcommqca4004_firmwareMatch-

AND

qualcommqca4004Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6420_firmwareMatch-

AND

qualcommqca6420Match-

Node

qualcommqca6430_firmwareMatch-

AND

qualcommqca6430Match-

Node

qualcommqca6564a_firmwareMatch-

AND

qualcommqca6564aMatch-

Node

qualcommqca6564au_firmwareMatch-

AND

qualcommqca6564auMatch-

Node

qualcommqca6574_firmwareMatch-

AND

qualcommqca6574Match-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6584_firmwareMatch-

AND

qualcommqca6584Match-

Node

qualcommqca6584au_firmwareMatch-

AND

qualcommqca6584auMatch-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommqca9367_firmwareMatch-

AND

qualcommqca9367Match-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqcm2290_firmwareMatch-

AND

qualcommqcm2290Match-

Node

qualcommqcm4290_firmwareMatch-

AND

qualcommqcm4290Match-

Node

qualcommqcs2290_firmwareMatch-

AND

qualcommqcs2290Match-

Node

qualcommqcs410_firmwareMatch-

AND

qualcommqcs410Match-

Node

qualcommqcs4290_firmwareMatch-

AND

qualcommqcs4290Match-

Node

qualcommqcs603_firmwareMatch-

AND

qualcommqcs603Match-

Node

qualcommqcs605_firmwareMatch-

AND

qualcommqcs605Match-

Node

qualcommqcs610_firmwareMatch-

AND

qualcommqcs610Match-

Node

qualcommqet4101_firmwareMatch-

AND

qualcommqet4101Match-

Node

qualcommqsw8573_firmwareMatch-

AND

qualcommqsw8573Match-

Node

qualcommqualcomm215_firmwareMatch-

AND

qualcommqualcomm215Match-

Node

qualcommsa415m_firmwareMatch-

AND

qualcommsa415mMatch-

Node

qualcommsa6145p_firmwareMatch-

AND

qualcommsa6145pMatch-

Node

qualcommsa6150p_firmwareMatch-

AND

qualcommsa6150pMatch-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8145p_firmwareMatch-

AND

qualcommsa8145pMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsd_675_firmwareMatch-

AND

qualcommsd_675Match-

Node

qualcommsd_8cx_firmwareMatch-

AND

qualcommsd_8cxMatch-

Node

qualcommsd205_firmwareMatch-

AND

qualcommsd205Match-

Node

qualcommsd210_firmwareMatch-

AND

qualcommsd210Match-

Node

qualcommsd429_firmwareMatch-

AND

qualcommsd429Match-

Node

qualcommsd460_firmwareMatch-

AND

qualcommsd460Match-

Node

qualcommsd660_firmwareMatch-

AND

qualcommsd660Match-

Node

qualcommsd662_firmwareMatch-

AND

qualcommsd662Match-

Node

qualcommsd665_firmwareMatch-

AND

qualcommsd665Match-

Node

qualcommsd675_firmwareMatch-

AND

qualcommsd675Match-

Node

qualcommsd678_firmwareMatch-

AND

qualcommsd678Match-

Node

qualcommsd720g_firmwareMatch-

AND

qualcommsd720gMatch-

Node

qualcommsd730_firmwareMatch-

AND

qualcommsd730Match-

Node

qualcommsd7c_firmwareMatch-

AND

qualcommsd7cMatch-

Node

qualcommsd845_firmwareMatch-

AND

qualcommsd845Match-

Node

qualcommsd850_firmwareMatch-

AND

qualcommsd850Match-

Node

qualcommsd855_firmwareMatch-

AND

qualcommsd855Match-

Node

qualcommsda429w_firmwareMatch-

AND

qualcommsda429wMatch-

Node

qualcommsdm429w_firmwareMatch-

AND

qualcommsdm429wMatch-

Node

qualcommsdw2500_firmwareMatch-

AND

qualcommsdw2500Match-

Node

qualcommsdx12_firmwareMatch-

AND

qualcommsdx12Match-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

Node

qualcommsdx24_firmwareMatch-

AND

qualcommsdx24Match-

Node

qualcommsdxr1_firmwareMatch-

AND

qualcommsdxr1Match-

Node

qualcommsm6225_firmwareMatch-

AND

qualcommsm6225Match-

Node

qualcommsm6250_firmwareMatch-

AND

qualcommsm6250Match-

Node

qualcommsm6250p_firmwareMatch-

AND

qualcommsm6250pMatch-

Node

qualcommwcd9306_firmwareMatch-

AND

qualcommwcd9306Match-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9330_firmwareMatch-

AND

qualcommwcd9330Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcd9340_firmwareMatch-

AND

qualcommwcd9340Match-

Node

qualcommwcd9341_firmwareMatch-

AND

qualcommwcd9341Match-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3620_firmwareMatch-

AND

qualcommwcn3620Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3910_firmwareMatch-

AND

qualcommwcn3910Match-

Node

qualcommwcn3950_firmwareMatch-

AND

qualcommwcn3950Match-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3988_firmwareMatch-

AND

qualcommwcn3988Match-

Node

qualcommwcn3990_firmwareMatch-

AND

qualcommwcn3990Match-

Node

qualcommwcn3991_firmwareMatch-

AND

qualcommwcn3991Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

CPENameOperatorVersion
qualcomm:apq8009w_firmwarequalcomm apq8009w firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009w_firmware	qualcomm apq8009w firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009W, APQ8017, APQ8096AU, AQT1000, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA4004, QCA6174A, QCA6420, QCA6430, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA9367, QCA9377, QCM2290, QCM4290, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QET4101, QSW8573, Qualcomm215, SA415M, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SD 675, SD 8CX, SD205, SD210, SD429, SD460, SD660, SD662, SD665, SD675, SD678, SD720G, SD730, SD7c, SD845, SD850, SD855, SDA429W, SDM429W, SDW2500, SDX12, SDX20, SDX24, SDXR1, SM6225, SM6250, SM6250P, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WSA8810, WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CVE-2021-30289

cvelist1 prion1 nvd1