Vulnerability Name:

CVE-2021-1892 (CCN-199692)

Assigned:2020-12-08
Published:2021-04-05
Updated:2022-06-28
Summary:Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-787
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2021-1892

Source: XF
Type: UNKNOWN
qualcomm-cve20211892-code-exec(199692)

Source: CCN
Type: Qualcomm Web site
April 2021 Security Bulletin

Source: CONFIRM
Type: Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Vulnerable Configuration:Configuration 1:
  • cpe:/o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:qualcomm:pm8005_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm8005:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:qualcomm:pm855_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm855:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:qualcomm:pm855p_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm855p:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:qualcomm:pm8998_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm8998:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:qualcomm:pmi8998_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pmi8998:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:qualcomm:qat3550_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat3550:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca1062:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca1064:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca2066:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:qualcomm:qca6164_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6164:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6174:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6310:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6335:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6391:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6420:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6430:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca9377:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcn7605:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcn7606:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:qualcomm:qet4100_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qet4100:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:qualcomm:qfe2081fc_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qfe2081fc:-:*:*:*:*:*:*:*

    • Configuration 25:
  • cpe:/o:qualcomm:qfe2082fc_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qfe2082fc:-:*:*:*:*:*:*:*

    • Configuration 26:
  • cpe:/o:qualcomm:qfe3100_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qfe3100:-:*:*:*:*:*:*:*

    • Configuration 27:
  • cpe:/o:qualcomm:qfe3440fc_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qfe3440fc:-:*:*:*:*:*:*:*

    • Configuration 28:
  • cpe:/o:qualcomm:qfe4455fc_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qfe4455fc:-:*:*:*:*:*:*:*

    • Configuration 29:
  • cpe:/o:qualcomm:qln1035bd_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qln1035bd:-:*:*:*:*:*:*:*

    • Configuration 30:
  • cpe:/o:qualcomm:sd8c_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd8c:-:*:*:*:*:*:*:*

    • Configuration 31:
  • cpe:/o:qualcomm:sd8cx_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd8cx:-:*:*:*:*:*:*:*

    • Configuration 32:
  • cpe:/o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd835:-:*:*:*:*:*:*:*

    • Configuration 33:
  • cpe:/o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd845:-:*:*:*:*:*:*:*

    • Configuration 34:
  • cpe:/o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd850:-:*:*:*:*:*:*:*

    • Configuration 35:
  • cpe:/o:qualcomm:sdr8150_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdr8150:-:*:*:*:*:*:*:*

    • Configuration 36:
  • cpe:/o:qualcomm:smb1350_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1350:-:*:*:*:*:*:*:*

    • Configuration 37:
  • cpe:/o:qualcomm:smb1351_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1351:-:*:*:*:*:*:*:*

    • Configuration 38:
  • cpe:/o:qualcomm:smb1380_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1380:-:*:*:*:*:*:*:*

    • Configuration 39:
  • cpe:/o:qualcomm:smb1381_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1381:-:*:*:*:*:*:*:*

    • Configuration 40:
  • cpe:/o:qualcomm:smb1390_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1390:-:*:*:*:*:*:*:*

    • Configuration 41:
  • cpe:/o:qualcomm:smb2351_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb2351:-:*:*:*:*:*:*:*

    • Configuration 42:
  • cpe:/o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

    • Configuration 43:
  • cpe:/o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

    • Configuration 44:
  • cpe:/o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

    • Configuration 45:
  • cpe:/o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

    • Configuration 46:
  • cpe:/o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

    • Configuration 47:
  • cpe:/o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

    • Configuration 48:
  • cpe:/o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

    • Configuration 49:
  • cpe:/o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

    • Configuration 50:
  • cpe:/o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

    • Configuration 51:
  • cpe:/o:qualcomm:wgr7640_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wgr7640:-:*:*:*:*:*:*:*

    • Configuration 52:
  • cpe:/o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

    • Configuration 53:
  • cpe:/o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

    • Configuration 54:
  • cpe:/o:qualcomm:wtr5975_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wtr5975:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:qualcomm:snapdragon_compute:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_connectivity:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_consumer_electronics_connectivity:-:*:*:*:*:*:*:*
  • OR cpe:/o:qualcomm:snapdragon_wired_infrastructure_&_networking:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    qualcomm aqt1000 firmware -
    qualcomm aqt1000 -
    qualcomm pm8005 firmware -
    qualcomm pm8005 -
    qualcomm pm855 firmware -
    qualcomm pm855 -
    qualcomm pm855p firmware -
    qualcomm pm855p -
    qualcomm pm8998 firmware -
    qualcomm pm8998 -
    qualcomm pmi8998 firmware -
    qualcomm pmi8998 -
    qualcomm qat3550 firmware -
    qualcomm qat3550 -
    qualcomm qca1062 firmware -
    qualcomm qca1062 -
    qualcomm qca1064 firmware -
    qualcomm qca1064 -
    qualcomm qca2066 firmware -
    qualcomm qca2066 -
    qualcomm qca6164 firmware -
    qualcomm qca6164 -
    qualcomm qca6174 firmware -
    qualcomm qca6174 -
    qualcomm qca6174a firmware -
    qualcomm qca6174a -
    qualcomm qca6310 firmware -
    qualcomm qca6310 -
    qualcomm qca6335 firmware -
    qualcomm qca6335 -
    qualcomm qca6391 firmware -
    qualcomm qca6391 -
    qualcomm qca6420 firmware -
    qualcomm qca6420 -
    qualcomm qca6430 firmware -
    qualcomm qca6430 -
    qualcomm qca6595au firmware -
    qualcomm qca6595au -
    qualcomm qca9377 firmware -
    qualcomm qca9377 -
    qualcomm qcn7605 firmware -
    qualcomm qcn7605 -
    qualcomm qcn7606 firmware -
    qualcomm qcn7606 -
    qualcomm qet4100 firmware -
    qualcomm qet4100 -
    qualcomm qfe2081fc firmware -
    qualcomm qfe2081fc -
    qualcomm qfe2082fc firmware -
    qualcomm qfe2082fc -
    qualcomm qfe3100 firmware -
    qualcomm qfe3100 -
    qualcomm qfe3440fc firmware -
    qualcomm qfe3440fc -
    qualcomm qfe4455fc firmware -
    qualcomm qfe4455fc -
    qualcomm qln1035bd firmware -
    qualcomm qln1035bd -
    qualcomm sd8c firmware -
    qualcomm sd8c -
    qualcomm sd8cx firmware -
    qualcomm sd8cx -
    qualcomm sd835 firmware -
    qualcomm sd835 -
    qualcomm sd845 firmware -
    qualcomm sd845 -
    qualcomm sd850 firmware -
    qualcomm sd850 -
    qualcomm sdr8150 firmware -
    qualcomm sdr8150 -
    qualcomm smb1350 firmware -
    qualcomm smb1350 -
    qualcomm smb1351 firmware -
    qualcomm smb1351 -
    qualcomm smb1380 firmware -
    qualcomm smb1380 -
    qualcomm smb1381 firmware -
    qualcomm smb1381 -
    qualcomm smb1390 firmware -
    qualcomm smb1390 -
    qualcomm smb2351 firmware -
    qualcomm smb2351 -
    qualcomm wcd9335 firmware -
    qualcomm wcd9335 -
    qualcomm wcd9340 firmware -
    qualcomm wcd9340 -
    qualcomm wcd9341 firmware -
    qualcomm wcd9341 -
    qualcomm wcn3990 firmware -
    qualcomm wcn3990 -
    qualcomm wcn3998 firmware -
    qualcomm wcn3998 -
    qualcomm wcn6850 firmware -
    qualcomm wcn6850 -
    qualcomm wcn6851 firmware -
    qualcomm wcn6851 -
    qualcomm wcn6855 firmware -
    qualcomm wcn6855 -
    qualcomm wcn6856 firmware -
    qualcomm wcn6856 -
    qualcomm wgr7640 firmware -
    qualcomm wgr7640 -
    qualcomm wsa8810 firmware -
    qualcomm wsa8810 -
    qualcomm wsa8815 firmware -
    qualcomm wsa8815 -
    qualcomm wtr5975 firmware -
    qualcomm wtr5975 -
    qualcomm snapdragon compute -
    qualcomm snapdragon connectivity -
    qualcomm snapdragon consumer electronics connectivity -
    qualcomm snapdragon wired infrastructure & networking -