CVE-2021-1892

CVE Database · CVE-2021-1892

CVE-2021-1892

· HIGHModified

CVSS v3.1

8.4

EPSS

0.16%

Published

Apr 7, 2021

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Affected Products (108)

qualcomm · aqt1000_firmwarevulnerable

qualcomm · aqt1000

qualcomm · pm8005_firmwarevulnerable

qualcomm · pm8005

qualcomm · pm855_firmwarevulnerable

qualcomm · pm855

qualcomm · pm855p_firmwarevulnerable

qualcomm · pm855p

qualcomm · pm8998_firmwarevulnerable

qualcomm · pm8998

qualcomm · pmi8998_firmwarevulnerable

· pmi8998

References (2)

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs