CVE-2021-30327

HIGH

Qualcomm Multiple Chipsets Firmware - Buffer Overflow in Sahara Protocol

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-30327. PoCs published by Daniel224455.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2021-30327, targeting Qualcomm BootROM via a stack overflow in the Sahara protocol. The exploit manipulates the stack pointer to corrupt memory and execute arbitrary shellcode, leveraging the SAHARA_RESET_STATE_MACHINE_ID command (0x13).

Description

Buffer overflow in Sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music.

Exploits (1)

nomisec WORKING POC 2 stars
by Daniel224455 · poc
https://github.com/Daniel224455/katana

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Qualcomm BootROM (Sahara protocol)
Authentication: No auth needed
Prerequisites: Qualcomm device in Sahara mode · USB access to the device · Specific SoC model (e.g., sdm845)
devstral-2 · analyzed Jun 26, 2026

Scores

CVSS v3: 7.5
EPSS: 0.0017
EPSS Percentile: 6.3%
Attack Vector: PHYSICAL
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Details

CWE: CWE-120
Status: published
Products (50):
qualcomm/apq8097_firmware
qualcomm/apq8098_firmware
qualcomm/ipq6000_firmware
qualcomm/ipq6005_firmware
qualcomm/ipq6010_firmware
qualcomm/ipq6018_firmware
qualcomm/ipq6028_firmware
qualcomm/mdm9205_firmware
qualcomm/msm8997_firmware
qualcomm/msm8998_firmware
... and 40 more
Published Jun 14, 2022
Tracked Since Feb 18, 2026