CVE-2021-1894

HIGH

Qualcomm Ar8031 Firmware - Improper Exception Handling

Title source: rule

Description

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Scores

CVSS v3 7.1

EPSS 0.0003

EPSS Percentile 9.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-755

Status published

Affected Products (50)

qualcomm/ar8031_firmware

qualcomm/ar8035_firmware

qualcomm/csra6620_firmware

qualcomm/csra6640_firmware

qualcomm/csrb31024_firmware

qualcomm/fsm10055_firmware

qualcomm/fsm10056_firmware

qualcomm/mdm9150_firmware

qualcomm/mdm9205_firmware

qualcomm/mdm9628_firmware

qualcomm/qca4004_firmware

qualcomm/qca6174a_firmware

qualcomm/qca6390_firmware

qualcomm/qca6391_firmware

qualcomm/qca6426_firmware

... and 35 more

Timeline

Published Jan 03, 2022

Tracked Since Feb 18, 2026