CVE-2021-35079
6.2
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | APQ8053, AQT1000, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCM4290, QCS4290, QCS603, QCS605, Qualcomm215, SD460, SD480, SD662, SD680, SD690 5G, SD695, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDXR2 5G, SM7250P, SM7325P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835 | affected |
Weaknesses
- Permissions, Privileges and Access Controls in Telephony
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.