CVE-2021-30345

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CVSS v3 5.5 MEDIUM
CVSS v2.0 4.9 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6375:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-668~~	NVD-CWE-noinfo

Information

Published : 2022-06-14 10:15

Updated : 2024-02-28 19:09

NVD link : CVE-2021-30345

Mitre link : CVE-2021-30345

CVE.ORG link : CVE-2021-30345

JSON object : View

Products Affected

qualcomm

wcd9385
wcn3998
wsa8835_firmware
qcs4290
qcs405
sm6375_firmware
wcn3910_firmware
wsa8815_firmware
qcm2290
sm6375
wcd9375
wcn3910
wsa8835
sd480_firmware
ar8035_firmware
wcn3980_firmware
wsa8815
qca9984
wcd9385_firmware
wcn3950_firmware
wcn3998_firmware
wsa8810
sw5100p_firmware
sw5100_firmware
sd480
sd460
sd662
wcd9370
wsa8830
sw5100
sd680_firmware
wcn3988_firmware
wcn3988
sw5100p
wcn3991_firmware
wcn3991
wcn3999
qcm4290_firmware
sd680
sd460_firmware
ar8035
wsa8830_firmware
wcn3950
wcn3999_firmware
qcs4290_firmware
wcd9370_firmware
sd662_firmware
wcd9375_firmware
qcm2290_firmware
qcs2290_firmware
qcm4290
wcn3980
qca9984_firmware
qcs2290
wsa8810_firmware
qcs405_firmware

CWE

NVD-CWE-noinfo

5.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.9 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-30345

5.5^/10

4.9^/10

Attach tags to `CVE-2021-30345`