CVE-2021-35094

Summary

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon MobileAQT1000, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCM2290, QCM4290, QCM6490, QCS2290, QCS4290, QCS6490, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SA8195P, SA8540P, SA9000P, SD 675, SD 8cx Gen3, SD460, SD480, SD662, SD665, SD675, SD678, SD680, SD690 5G, SD695, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX50M, SDX55M, SDXR2 5G, SM4125, SM6250, SM7250P, SM7325P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835affected

Weaknesses

  • Improper Authorization in HLOS

ADP Enrichment

CVE Program Container

Additional References

References