1. Home
  2. CVE Database
  3. CVE-2021-35070
MEDIUM · 6.5

CVE-2021-35070

RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile

Vulnerability Description

RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
QualcommQcm6125 Firmware-
QualcommQcm6125-
QualcommQcs6125 Firmware-
QualcommQcs6125-
QualcommSd665 Firmware-
QualcommSd665-
QualcommWcd9370 Firmware-
QualcommWcd9370-
QualcommWcd9375 Firmware-
QualcommWcd9375-
QualcommWcn3950 Firmware-
QualcommWcn3950-
QualcommWcn3980 Firmware-
QualcommWcn3980-
QualcommWsa8810 Firmware-
QualcommWsa8810-
QualcommWsa8815 Firmware-
QualcommWsa8815-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2021-35070?

CVE-2021-35070 is a vulnerability with a CVSS score of 6.5 (MEDIUM). RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile

How severe is CVE-2021-35070?

CVE-2021-35070 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-35070?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qcm6125 Firmware, Qualcomm Qcm6125, Qualcomm Qcs6125 Firmware, Qualcomm Qcs6125, Qualcomm Sd665 Firmware.