CVE-2021-1899

EPSS 0.05%
Veröffentlicht 13.07.2021 06:15:08
Zuletzt bearbeitet 21.11.2024 05:45:21
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Apq8009w Firmware Version-

Qualcomm ≫ Apq8009w Version-

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Msm8909w Firmware Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Qca4020 Firmware Version-

Qualcomm ≫ Qca4020 Version-

Qualcomm ≫ Qca6174a Firmware Version-

Qualcomm ≫ Qca6174a Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca9379 Firmware Version-

Qualcomm ≫ Qca9379 Version-

Qualcomm ≫ Qualcomm215 Firmware Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Sd 675 Firmware Version-

Qualcomm ≫ Sd 675 Version-

Qualcomm ≫ Sd205 Firmware Version-

Qualcomm ≫ Sd205 Version-

Qualcomm ≫ Sd210 Firmware Version-

Qualcomm ≫ Sd210 Version-

Qualcomm ≫ Sd675 Firmware Version-

Qualcomm ≫ Sd675 Version-

Qualcomm ≫ Sd678 Firmware Version-

Qualcomm ≫ Sd678 Version-

Qualcomm ≫ Sd720g Firmware Version-

Qualcomm ≫ Sd720g Version-

Qualcomm ≫ Sd730 Firmware Version-

Qualcomm ≫ Sd730 Version-

Qualcomm ≫ Sd855 Firmware Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sda429w Firmware Version-

Qualcomm ≫ Sda429w Version-

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Sdx50m Firmware Version-

Qualcomm ≫ Sdx50m Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sm6250 Firmware Version-

Qualcomm ≫ Sm6250 Version-

Qualcomm ≫ Wcd9326 Firmware Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcn3610 Firmware Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3615 Firmware Version-

Qualcomm ≫ Wcn3615 Version-

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680 Firmware Version-

Qualcomm ≫ Wcn3680 Version-

Qualcomm ≫ Wcn3680b Firmware Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Firmware Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3991 Firmware Version-

Qualcomm ≫ Wcn3991 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.11

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P
product-security@qualcomm.com	4.6	0.9	3.6	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-1899

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-1899

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-1899

EUVD