Lucene search

QualcommCVELIST:CVE-2021-35080

HistoryJun 14, 2022 - 9:50 a.m.

CVE-2021-35080

2022-06-1409:50:51

qualcomm

www.cve.org

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CNA Affected

[
  {
    "product": "Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QCM2290, QCM4290, QCS2290, QCS4290, SD460, SD480, SD662, SD680, SD695, SM4125, SW5100, SW5100P, WCD9370, WCD9375, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WSA8810, WSA8815, WSA8830, WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-35080