CVE-2026-21383

Summary

Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonLeMans_AU_LGITaffected
Qualcomm, Inc.SnapdragonLeMansAUaffected
Qualcomm, Inc.SnapdragonPandeiroaffected
Qualcomm, Inc.SnapdragonQAM8255Paffected
Qualcomm, Inc.SnapdragonQAM8397Paffected
Qualcomm, Inc.SnapdragonQAM8797Paffected
Qualcomm, Inc.SnapdragonQAMSRV1Haffected
Qualcomm, Inc.SnapdragonQAMSRV1Maffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA6797AQaffected
Qualcomm, Inc.SnapdragonQCA8695AUaffected
Qualcomm, Inc.SnapdragonQDU1000affected
Qualcomm, Inc.SnapdragonQDU1110affected
Qualcomm, Inc.SnapdragonQDU1210affected
Qualcomm, Inc.SnapdragonQDX1010affected
Qualcomm, Inc.SnapdragonQDX1011affected
Qualcomm, Inc.SnapdragonQLN1083BDaffected
Qualcomm, Inc.SnapdragonQLN1086BDaffected
Qualcomm, Inc.SnapdragonQPA1083BDaffected
Qualcomm, Inc.SnapdragonQPA1086BDaffected
Qualcomm, Inc.SnapdragonQualcomm Dragonwing X100 Accelerator Cardaffected
Qualcomm, Inc.SnapdragonQXM1093affected
Qualcomm, Inc.SnapdragonQXM1094affected
Qualcomm, Inc.SnapdragonQXM1095affected
Qualcomm, Inc.SnapdragonQXM1096affected
Qualcomm, Inc.SnapdragonSA7255Paffected
Qualcomm, Inc.SnapdragonSA7775Paffected
Qualcomm, Inc.SnapdragonSA8255Paffected
Qualcomm, Inc.SnapdragonSA8620Paffected
Qualcomm, Inc.SnapdragonSA8770Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected
Qualcomm, Inc.SnapdragonSAR1165Paffected
Qualcomm, Inc.SnapdragonSAR2130Paffected
Qualcomm, Inc.SnapdragonSnapdragon AR1 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR1+ Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSRV1Haffected
Qualcomm, Inc.SnapdragonSRV1Maffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonSXR2250Paffected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN7860affected
Qualcomm, Inc.SnapdragonWCN7861affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonXRV7209affected
Qualcomm, Inc.SnapdragonXRV9209affected

Weaknesses

  • CWE-323: CWE-323: Reusing a Nonce, Key Pair in Encryption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References