Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when processing identity credential operations in a trusted application...

CVE-2025-47348 Use of Uninitialized Variable in HLOS

Memory corruption while processing identity credential operations in the trusted application...

CVE-2025-47348

CVE-2025-47348 is a memory corruption vulnerability in Qualcomm chipsets related to identity credential processing in the trusted application. The issue is described as memory corruption during identity credential operations. CVSS v3.1 metrics indicate a HIGH base score (7.8) with local attack ve...

CVE-2025-47348 Use of Uninitialized Variable in HLOS

Memory corruption while processing identity credential operations in the trusted application...

EUVD-2021-21738

Malware in sbrugna...

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Overview Affected versions of this package are vulnerable to Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' in the authentication process. An attacker can elevate privileges by exploiting race conditions during the token validation steps. This is only...

CVE-2021-35094

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

Design/Logic Flaw

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-35094

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-35094

CVE-2021-35094 involves Qualcomm components (e.g., QCA family, AQT1000) with an improper validation of timeout-based authentication in identity credentials, which can lead to invalid authorization in HLOS. The issue affects multiple Qualcomm/Qualcomm-supplied platforms including Snapdragon Auto, ...

XenMobile Server - Identity credential certificates (PKI) do not auto renew

MSCA Certificates can be set to expire on a certain interval, after hitting the XMS renewal policy default 30 days before expiration. User Certificates PKI are not renewing, leaving expired certificates on devices...