Lucene search

QualcommCVE-2021-30327

HistoryJun 14, 2022 - 10:15 a.m.

CVE-2021-30327

2022-06-1410:15:14

CWE-120

qualcomm

web.nvd.nist.gov

cve-2021-30327

buffer overflow

sahara protocol

secure configuration data

snapdragon

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

30.3%

JSON

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music

Affected configurations

Nvd

Node

qualcommapq8097Match-

AND

qualcommapq8097_firmwareMatch-

Node

qualcommapq8098Match-

AND

qualcommapq8098_firmwareMatch-

Node

qualcommipq6000Match-

AND

qualcommipq6000_firmwareMatch-

Node

qualcommipq6005Match-

AND

qualcommipq6005_firmwareMatch-

Node

qualcommipq6010Match-

AND

qualcommipq6010_firmwareMatch-

Node

qualcommipq6018Match-

AND

qualcommipq6018_firmwareMatch-

Node

qualcommipq6028Match-

AND

qualcommipq6028_firmwareMatch-

Node

qualcommmdm9205Match-

AND

qualcommmdm9205_firmwareMatch-

Node

qualcommmsm8997_firmwareMatch-

AND

qualcommmsm8997Match-

Node

qualcommmsm8998_firmwareMatch-

AND

qualcommmsm8998Match-

Node

qualcommqca6595_firmwareMatch-

AND

qualcommqca6595Match-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqcn7605_firmwareMatch-

AND

qualcommqcn7605Match-

Node

qualcommqcn7605w_firmwareMatch-

AND

qualcommqcn7605wMatch-

Node

qualcommqcn7606_firmwareMatch-

AND

qualcommqcn7606Match-

Node

qualcommqcn7606w_firmwareMatch-

AND

qualcommqcn7606wMatch-

Node

qualcommqcs401_firmwareMatch-

AND

qualcommqcs401Match-

Node

qualcommqcs402_firmwareMatch-

AND

qualcommqcs402Match-

Node

qualcommqcs403_firmwareMatch-

AND

qualcommqcs403Match-

Node

qualcommqcs404_firmwareMatch-

AND

qualcommqcs404Match-

Node

qualcommqcs405_firmwareMatch-

AND

qualcommqcs405Match-

Node

qualcommqcs407_firmwareMatch-

AND

qualcommqcs407Match-

Node

qualcommsa2145p_firmwareMatch-

AND

qualcommsa2145pMatch-

Node

qualcommsa2150p_firmwareMatch-

AND

qualcommsa2150pMatch-

Node

qualcommsa4150p_firmwareMatch-

AND

qualcommsa4150pMatch-

Node

qualcommsa4155pMatch-

AND

qualcommsa4155p_firmwareMatch-

Node

qualcommsa415m_firmwareMatch-

AND

qualcommsa415mMatch-

Node

qualcommsa4250p_firmwareMatch-

AND

qualcommsa4250pMatch-

Node

qualcommsa515m_firmwareMatch-

AND

qualcommsa515mMatch-

Node

qualcommsa6115_firmwareMatch-

AND

qualcommsa6115Match-

Node

qualcommsa6115p_firmwareMatch-

AND

qualcommsa6115pMatch-

Node

qualcommsa6125_firmwareMatch-

AND

qualcommsa6125Match-

Node

qualcommsa6125p_firmwareMatch-

AND

qualcommsa6125pMatch-

Node

qualcommsa6145_firmwareMatch-

AND

qualcommsa6145Match-

Node

qualcommsa6145p_firmwareMatch-

AND

qualcommsa6145pMatch-

Node

qualcommsa615x_firmwareMatch-

AND

qualcommsa615xMatch-

Node

qualcommsa615xp_firmwareMatch-

AND

qualcommsa615xpMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155_firmwareMatch-

AND

qualcommsa8155Match-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsc7180_firmwareMatch-

AND

qualcommsc7180Match-

Node

qualcommsc7180p_firmwareMatch-

AND

qualcommsc7180pMatch-

Node

qualcommsc8180x_firmwareMatch-

AND

qualcommsc8180xMatch-

Node

qualcommsc8180xp_firmwareMatch-

AND

qualcommsc8180xpMatch-

Node

qualcommsda658_firmwareMatch-

AND

qualcommsda658Match-

Node

qualcommsda660_firmwareMatch-

AND

qualcommsda660Match-

Node

qualcommsda670_firmwareMatch-

AND

qualcommsda670Match-

Node

qualcommsda830_firmwareMatch-

AND

qualcommsda830Match-

Node

qualcommsda845_firmwareMatch-

AND

qualcommsda845Match-

Node

qualcommsdm640_firmwareMatch-

AND

qualcommsdm640Match-

Node

qualcommsdm658_firmwareMatch-

AND

qualcommsdm658Match-

Node

qualcommsdm660_firmwareMatch-

AND

qualcommsdm660Match-

Node

qualcommsdm670_firmwareMatch-

AND

qualcommsdm670Match-

Node

qualcommsdm710_firmwareMatch-

AND

qualcommsdm710Match-

Node

qualcommsdm712_firmwareMatch-

AND

qualcommsdm712Match-

Node

qualcommsdm830_firmwareMatch-

AND

qualcommsdm830Match-

Node

qualcommsdm845_firmwareMatch-

AND

qualcommsdm845Match-

Node

qualcommsdm850_firmwareMatch-

AND

qualcommsdm850Match-

Node

qualcommsdpx55m_firmwareMatch-

AND

qualcommsdpx55mMatch-

Node

qualcommsdx24_firmwareMatch-

AND

qualcommsdx24Match-

Node

qualcommsdx24m_firmwareMatch-

AND

qualcommsdx24mMatch-

Node

qualcommsdx55_firmwareMatch-

AND

qualcommsdx55Match-

Node

qualcommsm4250_firmwareMatch-

AND

qualcommsm4250Match-

Node

qualcommsm6125_firmwareMatch-

AND

qualcommsm6125Match-

Node

qualcommsm6150_firmwareMatch-

AND

qualcommsm6150Match-

Node

qualcommsm6150p_firmwareMatch-

AND

qualcommsm6150pMatch-

Node

qualcommsm6250_firmwareMatch-

AND

qualcommsm6250Match-

Node

qualcommsm6250p_firmwareMatch-

AND

qualcommsm6250pMatch-

Node

qualcommsm7125_firmwareMatch-

AND

qualcommsm7125Match-

Node

qualcommsm7150_firmwareMatch-

AND

qualcommsm7150Match-

Node

qualcommsm7150p_firmwareMatch-

AND

qualcommsm7150pMatch-

Node

qualcommsm7250_firmwareMatch-

AND

qualcommsm7250Match-

Node

qualcommsm7250p_firmwareMatch-

AND

qualcommsm7250pMatch-

Node

qualcommsm8150_firmwareMatch-

AND

qualcommsm8150Match-

Node

qualcommsm8150p_firmwareMatch-

AND

qualcommsm8150pMatch-

Node

qualcommsm8250_firmwareMatch-

AND

qualcommsm8250Match-

Node

qualcommsxr2130_firmwareMatch-

AND

qualcommsxr2130Match-

Node

qualcommsxr2130p_firmwareMatch-

AND

qualcommsxr2130pMatch-

VendorProductVersionCPE
qualcommapq8097-cpe:2.3:h:qualcomm:apq8097:-:*:*:*:*:*:*:*
qualcommapq8097_firmware-cpe:2.3:o:qualcomm:apq8097_firmware:-:*:*:*:*:*:*:*
qualcommapq8098-cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
qualcommapq8098_firmware-cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
qualcommipq6000-cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*
qualcommipq6000_firmware-cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*
qualcommipq6005-cpe:2.3:h:qualcomm:ipq6005:-:*:*:*:*:*:*:*
qualcommipq6005_firmware-cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*
qualcommipq6010-cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*
qualcommipq6010_firmware-cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8097	-	cpe:2.3:h:qualcomm:apq8097:-:::::::*
qualcomm	apq8097_firmware	-	cpe:2.3:o:qualcomm:apq8097_firmware:-:::::::*
qualcomm	apq8098	-	cpe:2.3:h:qualcomm:apq8098:-:::::::*
qualcomm	apq8098_firmware	-	cpe:2.3:o:qualcomm:apq8098_firmware:-:::::::*
qualcomm	ipq6000	-	cpe:2.3:h:qualcomm:ipq6000:-:::::::*
qualcomm	ipq6000_firmware	-	cpe:2.3:o:qualcomm:ipq6000_firmware:-:::::::*
qualcomm	ipq6005	-	cpe:2.3:h:qualcomm:ipq6005:-:::::::*
qualcomm	ipq6005_firmware	-	cpe:2.3:o:qualcomm:ipq6005_firmware:-:::::::*
qualcomm	ipq6010	-	cpe:2.3:h:qualcomm:ipq6010:-:::::::*
qualcomm	ipq6010_firmware	-	cpe:2.3:o:qualcomm:ipq6010_firmware:-:::::::*

Rows per page:

1-10 of 1581

CNA Affected

[
  {
    "product": "Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Social References

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

30.3%

JSON

Related for CVE-2021-30327