Vulnerabilities > Qualcomm > SD 8CX Gen3 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2021-35132 Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products
Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-1284
7.8
7.8
2022-09-02 CVE-2021-35135 NULL Pointer Dereference vulnerability in Qualcomm products
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
5.5
2022-09-02 CVE-2022-22062 Out-of-bounds Read vulnerability in Qualcomm products
An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
 9.1
9.1
2022-09-02 CVE-2022-22069 Cleartext Storage of Sensitive Information vulnerability in Qualcomm products
Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-312
7.8
7.8
2022-06-14 CVE-2021-30349 Unspecified vulnerability in Qualcomm products
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
6.7
6.7
2022-06-14 CVE-2021-35094 Improper Authentication vulnerability in Qualcomm products
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-287
7.8
7.8
2022-06-14 CVE-2021-35126 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
7.8
7.8
2022-06-14 CVE-2021-35129 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.8
7.8
2022-04-01 CVE-2021-1942 Out-of-bounds Write vulnerability in Qualcomm products
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
8.8
8.8