CVE-2021-1965

CRITICAL

Qualcomm Firmware - Buffer Overflow via MBSSID Scan IE Parse

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-1965.

AI-analyzed exploit summary: This repository contains a functional proof-of-concept exploit for CVE-2021-1965, which generates a malformed Wi-Fi beacon frame with an MBSSID tag and excessive vendor-specific tags to trigger a vulnerability in affected systems. The PoC uses libwifi to craft the beacon frame and writes it to a PCAP file for further use.

Description

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Exploits (1)

inthewild WORKING POC
poc
https://github.com/foxtrot/cve-2021-1965

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Wi-Fi drivers (specific vendor/version not specified in code)
No auth needed
Prerequisites: libwifi library · pcap library · Wi-Fi adapter capable of injection
devstral-2 · analyzed Feb 23, 2026

Scores

CVSS v3 9.8
EPSS 0.2745
EPSS Percentile 96.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-20, CWE-120
Status: published
Products (50)
qualcomm/aqt1000_firmware
qualcomm/ar9380_firmware
qualcomm/csr8811_firmware
qualcomm/ipq4018_firmware
qualcomm/ipq4019_firmware
qualcomm/ipq4028_firmware
qualcomm/ipq4029_firmware
qualcomm/ipq5010_firmware
qualcomm/ipq5018_firmware
qualcomm/ipq5028_firmware
... and 40 more
Published Jul 13, 2021
Tracked Since Feb 18, 2026