CVE-2021-30305

CVE Database · CVE-2021-30305

CVE-2021-30305

· HIGHModified

CVSS v3.1

8.4

EPSS

0.15%

Published

Oct 20, 2021

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-20

Affected Products (82)

qualcomm · qca6174a_firmwarevulnerable

qualcomm · qca6174a

qualcomm · qca6391_firmwarevulnerable

qualcomm · qca6391

qualcomm · qca6574_firmwarevulnerable

qualcomm · qca6574

qualcomm · qca6574a_firmwarevulnerable

qualcomm · qca6574a

qualcomm · qca6574au_firmwarevulnerable

qualcomm · qca6574au

qualcomm · qca6595au_firmwarevulnerable

· qca6595au

References (2)

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs