CVE-2021-30261 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-30261 PUBLISHED CVSS 8.399999618530273 HIGH

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

EPSS 0.03% · 10.1th percentile

Risk Scores

CVSS v3.1

8.399999618530273

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.03%

10.1th percentile

Affected Products

Vendor	Product	Versions
qualcomm	sdxr1_firmware
qualcomm	qca4004_firmware
qualcomm	sd675_firmware
qualcomm	wcn6856_firmware
qualcomm	mdm9206_firmware
qualcomm	mdm9607_firmware
qualcomm	sa8155_firmware
qualcomm	qcs605_firmware
qualcomm	sdm429w_firmware
qualcomm	sdx12_firmware
qualcomm	sa6155p_firmware
qualcomm	sd678_firmware
qualcomm	qcs6125_firmware
qualcomm	qca6574_firmware
qualcomm	mdm9630_firmware
qualcomm	qca6174a_firmware
qualcomm	sd_455_firmware
qualcomm	sdx20_firmware
qualcomm	sa515m_firmware
qualcomm	sdxr2_5g_firmware

…and 163 more

Timeline

Aug 3, 2021 CVE Published
Sep 17, 2021 EPSS Score
Oct 5, 2021 EPSS Score
Oct 11, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 9, 2022 EPSS Score
Mar 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 2, 2022 EPSS Score
Jun 28, 2022 EPSS Score
Oct 21, 2022 EPSS Score
Dec 17, 2022 EPSS Score

References

Open in Interactive Console →