← back
CVE-2021-1972

CVE-2021-1972

CVSS 9.8 CRITICALEPSS 0.8%
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 Sep 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Qualcomm, Inc. · Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin