1. Home
  2. CVE Database
  3. CVE-2021-1907
HIGH · 7.5

CVE-2021-1907

Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobil...

Vulnerability Description

Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
QualcommApq8053 Firmware-
QualcommApq8053-
QualcommCsrb31024 Firmware-
QualcommCsrb31024-
QualcommMsm8953 Firmware-
QualcommMsm8953-
QualcommQca6175A Firmware-
QualcommQca6175A-
QualcommQca6390 Firmware-
QualcommQca6390-
QualcommQca6391 Firmware-
QualcommQca6391-
QualcommQca6426 Firmware-
QualcommQca6426-
QualcommQca6436 Firmware-
QualcommQca6436-
QualcommQca6564A Firmware-
QualcommQca6564A-
QualcommQca6564Au Firmware-
QualcommQca6564Au-

Related Weaknesses (CWE)

CWE-120

References

FAQ

What is CVE-2021-1907?

CVE-2021-1907 is a vulnerability with a CVSS score of 7.5 (HIGH). Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobil...

How severe is CVE-2021-1907?

CVE-2021-1907 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-1907?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8053 Firmware, Qualcomm Apq8053, Qualcomm Csrb31024 Firmware, Qualcomm Csrb31024, Qualcomm Msm8953 Firmware.