CVE-2021-35070

RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:11

Type Values Removed Values Added
CVSS v2 : 4.9
v3 : 5.5
v2 : 4.9
v3 : 6.5
References () https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin - Vendor Advisory

Information

Published : 2022-06-14 10:15

Updated : 2024-11-21 06:11


NVD link : CVE-2021-35070

Mitre link : CVE-2021-35070

CVE.ORG link : CVE-2021-35070


JSON object : View

Products Affected

qualcomm

  • qcm6125_firmware
  • qcm6125
  • wcd9375
  • sd665_firmware
  • qcs6125_firmware
  • wcn3980_firmware
  • wcn3980
  • wcn3950
  • wsa8810_firmware
  • wsa8810
  • wsa8815_firmware
  • qcs6125
  • wcd9370_firmware
  • wcn3950_firmware
  • wcd9375_firmware
  • wsa8815
  • sd665
  • wcd9370
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor