CVE-2021-35113
7.3
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Summary
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | AQT1000, CSRB31024, QCA6174A, QCA6310, QCA6335, QCA6420, QCA6430, QCA6564AU, QCA6574AU, QCA6595AU, QCA6696, QCA9377, QCS410, QCS610, SA415M, SD 675, SD429, SD675, SD678, SD720G, SD730, SD7c, SD845, SD850, SD855, SDM429W, SDX24, SDX50M, SDX55, SDX55M, SM6250, SM6250P, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9380, WCN3620, WCN3660B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WSA8810, WSA8815 | affected |
Weaknesses
- Cryptographic Issues in Key Provisioning
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.