CVE-2021-30279

HIGH

Snapdragon - Privilege Escalation

Title source: llm

Description

Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 8.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-281

Status published

Products (50)

qualcomm/ar8035_firmware

qualcomm/qca6390_firmware

qualcomm/qca6391_firmware

qualcomm/qca6426_firmware

qualcomm/qca6436_firmware

qualcomm/qca8337_firmware

qualcomm/qca9984_firmware

qualcomm/qcm2290_firmware

qualcomm/qcm4290_firmware

qualcomm/qcm6490_firmware

... and 40 more

Published Jan 03, 2022

Tracked Since Feb 18, 2026