CVE-2021-30327 — HIGH (7.5)

Vulnerability Description

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music

CVSS Score

7.5

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

LOW

Affected Products

Vendor	Product	Versions
Qualcomm	Apq8097 Firmware	-
Qualcomm	Apq8097	-
Qualcomm	Apq8098 Firmware	-
Qualcomm	Apq8098	-
Qualcomm	Ipq6000 Firmware	-
Qualcomm	Ipq6000	-
Qualcomm	Ipq6005 Firmware	-
Qualcomm	Ipq6005	-
Qualcomm	Ipq6010 Firmware	-
Qualcomm	Ipq6010	-
Qualcomm	Ipq6018 Firmware	-
Qualcomm	Ipq6018	-
Qualcomm	Ipq6028 Firmware	-
Qualcomm	Ipq6028	-
Qualcomm	Mdm9205 Firmware	-
Qualcomm	Mdm9205	-
Qualcomm	Msm8997 Firmware	-
Qualcomm	Msm8997	-
Qualcomm	Msm8998 Firmware	-
Qualcomm	Msm8998	-

Related Weaknesses (CWE)

CWE-120

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletinVendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletinVendor Advisory

FAQ

What is CVE-2021-30327?

CVE-2021-30327 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Conne...

How severe is CVE-2021-30327?

CVE-2021-30327 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-30327?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8097 Firmware, Qualcomm Apq8097, Qualcomm Apq8098 Firmware, Qualcomm Apq8098, Qualcomm Ipq6000 Firmware.