CVE-2021-1896

Published: Jul 13, 2021Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity

Affected (22)

Products: Qualcomm: Aqt1000 Firmware, Qca6164 Firmware, Qca6174 Firmware, Qca6174a Firmware, Qca6420 Firmware, Qca6430 Firmware, Qca9377 Firmware, Sc8180x Firmware, Sd 8c Firmware, Sd 8cx Firmware, Sd7c Firmware, Sd850 Firmware, Sm6250 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcn3990 Firmware, Wcn3991 Firmware, Wcn3998 Firmware, Wcn6850 Firmware, Wsa8810 Firmware, Wsa8815 Firmware, Sdx55 Firmware

Qualcomm

22 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Aqt1000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Aqt1000	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6164 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6164	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6174 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6174	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6174a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6174a	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6420 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6420	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6430 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6430	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9377 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9377	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180x Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180x	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8c Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8c	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8cx Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8cx	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd7c Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd7c	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd850	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm6250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm6250	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3990 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3990	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3991 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3991	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3998	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6850	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55	All versions

Related CWEs

CWE-319

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.