CVE-2021-35108

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-35108
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile

6.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

19 Apr 2023, 17:10

Type Values Removed Values Added
CPE cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*

08 Sep 2022, 20:26

Type Values Removed Values Added
First Time Qualcomm wcd9380
Qualcomm wcn6855
Qualcomm wsa8832
Qualcomm wcd9385 Firmware
Qualcomm sm8475
Qualcomm wcn7851
Qualcomm wcd9380 Firmware
Qualcomm wcd9375
Qualcomm wsa8835 Firmware
Qualcomm sm8475p
Qualcomm wsa8830
Qualcomm wsa8830 Firmware
Qualcomm sm7450
Qualcomm sm7450 Firmware
Qualcomm wcd9375 Firmware
Qualcomm sd 8 Gen1 5g Firmware
Qualcomm wcd9385
Qualcomm wcn6855 Firmware
Qualcomm wcn6750 Firmware
Qualcomm wsa8835
Qualcomm sm8475 Firmware
Qualcomm wcn6856 Firmware
Qualcomm wcn7851 Firmware
Qualcomm sd 8 Gen1 5g
Qualcomm wcd9370
Qualcomm wsa8832 Firmware
Qualcomm wcn6750
Qualcomm wcd9370 Firmware
Qualcomm sm8475p Firmware
Qualcomm
Qualcomm wcn6856
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.8
CPE cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
References (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin - (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin - Vendor Advisory
CWE CWE-754

02 Sep 2022, 12:56

Type Values Removed Values Added
New CVE
Information

Published : 2022-09-02 12:15

Updated : 2023-12-10 14:35

NVD link : CVE-2021-35108

Mitre link : CVE-2021-35108

CVE.ORG link : CVE-2021-35108

JSON object : View

Products Affected

qualcomm

  • sm7450_firmware
  • wsa8832
  • wcn7851_firmware
  • wsa8830
  • wcd9385
  • wcn6750_firmware
  • wsa8832_firmware
  • wsa8835_firmware
  • wcd9380_firmware
  • sd_8_gen1_5g_firmware
  • sm8475_firmware
  • sm7450
  • wcd9375
  • wcn6856_firmware
  • wcd9380
  • wcn7851
  • wsa8830_firmware
  • wcn6855_firmware
  • wcn6750
  • sm8475
  • wcd9375_firmware
  • wcd9385_firmware
  • wsa8835
  • wcd9370_firmware
  • wcd9370
  • wcn6856
  • sm8475p_firmware
  • wcn6855
  • sm8475p
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions