CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
35.4%
u’Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | apq8053_firmware | - | cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8053 | - | cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* |
qualcomm | ipq4019_firmware | - | cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:* |
qualcomm | ipq4019 | - | cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:* |
qualcomm | ipq8064_firmware | - | cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:* |
qualcomm | ipq8064 | - | cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:* |
qualcomm | msm8909w_firmware | - | cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:* |
qualcomm | msm8909w | - | cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:* |
qualcomm | msm8996au_firmware | - | cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* |
qualcomm | msm8996au | - | cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* |
lists.debian.org/debian-lts-announce/2021/10/msg00010.html
lists.debian.org/debian-lts-announce/2021/12/msg00012.html
www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58
www.debian.org/security/2021/dsa-4978
www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
35.4%