CVE-2021-35123 : Buffer copy in GATT multi notification due to improper length check for the data

Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT

Published 2022-06-14 10:15:18

Updated 2023-04-19 17:10:55

Source Qualcomm, Inc.

View at NVD, CVE.org

Products affected by CVE-2021-35123

Qualcomm » Sd855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd855 » Version: N/A
Qualcomm » Qca6390 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6390 » Version: N/A
Qualcomm » Aqt1000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Aqt1000 » Version: N/A
Qualcomm » Qca6391 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6391 » Version: N/A
Qualcomm » Wcd9335 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9335 » Version: N/A
Qualcomm » Wcn3998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3998 » Version: N/A
Qualcomm » Wcn6850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6850 » Version: N/A
Qualcomm » Wcn6851 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6851 » Version: N/A
Qualcomm » Wcn6855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6855 » Version: N/A
Qualcomm » Wcn6856 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6856 » Version: N/A
Qualcomm » Sdx55m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx55m » Version: N/A
Qualcomm » Sd660 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd660 » Version: N/A
Qualcomm » Sd865 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd865 5g » Version: N/A
Qualcomm » Sd888 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd888 5g » Version: N/A
Qualcomm » Wcd9370 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9370 » Version: N/A
Qualcomm » Wcd9375 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9375 » Version: N/A
Qualcomm » Wcd9380 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9380 » Version: N/A
Qualcomm » Wcd9385 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9385 » Version: N/A
Qualcomm » Wcn3980 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3980 » Version: N/A
Qualcomm » Wcn3988 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3988 » Version: N/A
Qualcomm » Wcn3991 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3991 » Version: N/A
Qualcomm » Wcn6750 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6750 » Version: N/A
Qualcomm » Wsa8830 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8830 » Version: N/A
Qualcomm » Wsa8835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8835 » Version: N/A
Qualcomm » Wcn6740 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6740 » Version: N/A
Qualcomm » Sd870 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd870 » Version: N/A
Qualcomm » Sd480 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd480 » Version: N/A
Qualcomm » Sd778g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd778g » Version: N/A
Qualcomm » Sm7325p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7325p » Version: N/A
Qualcomm » Sd780g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd780g » Version: N/A
Qualcomm » Sm6375 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm6375 » Version: N/A
Qualcomm » Sd 8 Gen1 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm8475 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-35123

EPSS FAQ

0.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-35123

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.3	HIGH	AV:A/AC:L/Au:N/C:C/I:C/A:C	6.5	10.0	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	Qualcomm, Inc.
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2021-35123

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Qualcomm Documentation
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-35123

Products affected by CVE-2021-35123

Exploit prediction scoring system (EPSS) score for CVE-2021-35123

CVSS scores for CVE-2021-35123

References for CVE-2021-35123