CVE-2021-30339
CRITICALQualcomm AR8035 and Multiple Firmware - Improper Key Generation via PRNG Buffer Validation
Title source: llmDescription
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin
Scores
CVSS v3
9.0
EPSS
0.0004
EPSS Percentile
11.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Details
Status
published
Products (50)
qualcomm/ar8035_firmware
qualcomm/qca6391_firmware
qualcomm/qca8081_firmware
qualcomm/qca8337_firmware
qualcomm/qca9984_firmware
qualcomm/qcm2290_firmware
qualcomm/qcm4290_firmware
qualcomm/qcm6490_firmware
qualcomm/qcs2290_firmware
qualcomm/qcs405_firmware
... and 40 more
Published
Jun 14, 2022
Tracked Since
Feb 18, 2026