Vulnerability Description
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 8 Gen1 5G Firmware | - |
| Qualcomm | Sm8475 | - |
| Qualcomm | Sm7450 Firmware | - |
| Qualcomm | Sm7450 | - |
| Qualcomm | Sm8475 Firmware | - |
| Qualcomm | Sm8475P Firmware | - |
| Qualcomm | Sm8475P | - |
| Qualcomm | Wcd9370 Firmware | - |
| Qualcomm | Wcd9370 | - |
| Qualcomm | Wcd9375 Firmware | - |
| Qualcomm | Wcd9375 | - |
| Qualcomm | Wcd9380 Firmware | - |
| Qualcomm | Wcd9380 | - |
| Qualcomm | Wcd9385 Firmware | - |
| Qualcomm | Wcd9385 | - |
| Qualcomm | Wcn6750 Firmware | - |
| Qualcomm | Wcn6750 | - |
| Qualcomm | Wcn6855 Firmware | - |
| Qualcomm | Wcn6855 | - |
| Qualcomm | Wcn6856 Firmware | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletinVendor Advisory
FAQ
What is CVE-2021-35108?
CVE-2021-35108 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile
How severe is CVE-2021-35108?
CVE-2021-35108 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-35108?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 8 Gen1 5G Firmware, Qualcomm Sm8475, Qualcomm Sm7450 Firmware, Qualcomm Sm7450, Qualcomm Sm8475 Firmware.