Lucene search

[email protected]CVE-2021-35109

HistorySep 02, 2022 - 12:15 p.m.

CVE-2021-35109

2022-09-0212:15:08

CWE-20

[email protected]

web.nvd.nist.gov

cve

2021

35109

address manipulation

app-ns

rg configuration

snapdragon connectivity

snapdragon mobile

nvd

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.4%

JSON

Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snapdragon Mobile

Affected configurations

NVD

Node

qualcommsd_8_gen1_5g_firmwareMatch-

AND

qualcommsm8475Match-

Node

qualcommsm7450_firmwareMatch-

AND

qualcommsm7450Match-

Node

qualcommsm8475_firmwareMatch-

AND

qualcommsm8475Match-

Node

qualcommsm8475p_firmwareMatch-

AND

qualcommsm8475pMatch-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn6750_firmwareMatch-

AND

qualcommwcn6750Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:sd_8_gen1_5g_firmwarequalcomm sd 8 gen1 5g firmwareeq-

CPE	Name	Operator	Version
qualcomm:sd_8_gen1_5g_firmware	qualcomm sd 8 gen1 5g firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Connectivity, Snapdragon Mobile",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "SD 8 Gen1 5G, SM7450, SM8475, SM8475P, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8830, WSA8832, WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin

Social References

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.4%

JSON

Related for CVE-2021-35109

prion1 nvd1 cvelist1