← back
CVE-2021-35097

CVE-2021-35097

CVSS 7.3 HIGHEPSS 0.2%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Sep 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N