CVE-2021-30314
MEDIUMQualcomm Snapdragon Firmware - Unauthorized Information Disclosure via Third-Party Application Access
Title source: llmDescription
Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin
Scores
CVSS v3
6.2
EPSS
0.0004
EPSS Percentile
13.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (50)
qualcomm/qca6390_firmware
qualcomm/qca6391_firmware
qualcomm/qca6426_firmware
qualcomm/qca6436_firmware
qualcomm/qca6574_firmware
qualcomm/qca6574a_firmware
qualcomm/qca6574au_firmware
qualcomm/qca6595au_firmware
qualcomm/qca6696_firmware
qualcomm/qcm2290_firmware
... and 40 more
Published
Jan 13, 2022
Tracked Since
Feb 18, 2026