CVE-2021-35097
CVE-2021-35097
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
02 Sep 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N