6.8
CVE-2021-35109
- EPSS 0.1%
- Veröffentlicht 02.09.2022 12:15:08
- Zuletzt bearbeitet 21.11.2024 06:11:55
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snapdragon Mobile
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Sd 8 Gen1 5g Firmware Version-
Qualcomm ≫ Sm7450 Firmware Version-
Qualcomm ≫ Sm8475 Firmware Version-
Qualcomm ≫ Sm8475p Firmware Version-
Qualcomm ≫ Wcd9370 Firmware Version-
Qualcomm ≫ Wcd9375 Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Wcd9385 Firmware Version-
Qualcomm ≫ Wcn6750 Firmware Version-
Qualcomm ≫ Wcn6855 Firmware Version-
Qualcomm ≫ Wcn6856 Firmware Version-
Qualcomm ≫ Wcn7851 Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wsa8832 Firmware Version-
Qualcomm ≫ Wsa8835 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.275 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| product-security@qualcomm.com | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.