Description
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Scores
CVSS v3
6.2
EPSS
0.0003
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-281
Status
published
Products (50)
qualcomm/apq8053_firmware
qualcomm/aqt1000_firmware
qualcomm/msm8953_firmware
qualcomm/qca6390_firmware
qualcomm/qca6391_firmware
qualcomm/qca6420_firmware
qualcomm/qca6426_firmware
qualcomm/qca6430_firmware
qualcomm/qca6436_firmware
qualcomm/qcm4290_firmware
... and 40 more
Published
Jun 14, 2022
Tracked Since
Feb 18, 2026