Vulnerability Description
Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6420 Firmware | - |
| Qualcomm | Qca6420 | - |
| Qualcomm | Qca6430 Firmware | - |
| Qualcomm | Qca6430 | - |
| Qualcomm | Qca6574A Firmware | - |
| Qualcomm | Qca6574A | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca6595 Firmware | - |
| Qualcomm | Qca6595 | - |
| Qualcomm | Qca6595Au Firmware | - |
| Qualcomm | Qca6595Au | - |
| Qualcomm | Qca6696 Firmware | - |
| Qualcomm | Qca6696 | - |
References
- https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletiVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletiVendor Advisory
FAQ
What is CVE-2021-1932?
CVE-2021-1932 is a vulnerability with a CVSS score of 8.4 (HIGH). Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity...
How severe is CVE-2021-1932?
CVE-2021-1932 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1932?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Qca6390 Firmware.