{"containers": {"cna": {"affected": [{"product": "Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "APQ8009W, AQT1000, MSM8909W, QCA4020, QCA6174A, QCA6420, QCA6430, QCA9379, Qualcomm215, SD 675, SD205, SD210, SD675, SD678, SD720G, SD730, SD855, SDA429W, SDM429W, SDX50M, SDX55, SDX55M, SM6250, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WSA8810, WSA8815"}]}], "descriptions": [{"lang": "en", "value": "Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Buffer Over-read in Boot", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-13T05:30:48", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2021-1899", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables", "version": {"version_data": [{"version_value": "APQ8009W, AQT1000, MSM8909W, QCA4020, QCA6174A, QCA6420, QCA6430, QCA9379, Qualcomm215, SD 675, SD205, SD210, SD675, SD678, SD720G, SD730, SD855, SDA429W, SDM429W, SDX50M, SDX55, SDX55M, SM6250, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WSA8810, WSA8815"}]}}]}, "vendor_name": "Qualcomm, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}]}, "impact": {"cvss": {"baseScore": "4.6", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer Over-read in Boot"}]}]}, "references": {"reference_data": [{"name": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"}]}}}}, "cveMetadata": {"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2021-1899", "datePublished": "2021-07-13T05:30:48", "dateReserved": "2020-12-08T00:00:00", "dateUpdated": "2021-07-13T05:30:48", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FFEE117-AC33-474D-B19C-F4738D68F72A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:*", "matchCriteriaId": "1549F2DF-1B57-4091-9052-9A5E082E9C63", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE28A59C-7AA6-4B85-84E8-07852B96108E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DEE828B-09A7-4AC1-8134-491A7C87C118", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "97E02FD6-F0A7-4B60-9ED8-26AAE497AEED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A732D0D-E999-4CE8-9448-FC6BA7FCC0A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED28C2CB-818D-47FF-B9CC-746243DC1E61", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*", "matchCriteriaId": "4ADFD2AF-C62F-4684-A238-E9080A3FEE01", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "47AB5135-6391-45C1-81DE-803E3834F196", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCEF246C-6B39-4DC2-81B0-040DCAAD5177", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D6D6965-B5B2-46D2-8718-43B7B22441C0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*", "matchCriteriaId": "E75C7497-A7DC-436B-BACD-71F69D99517D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "37279B9A-6074-455A-80E2-80EFC0DD535B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC637743-D088-48A2-A0F8-829776DD3065", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "21237024-F9FE-4CE4-A536-B6D4D5EF5404", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:*", "matchCriteriaId": "2900D4DA-9DEA-4FDE-9C66-DD7F7AB88B94", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*", "matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77FE5DEF-CB0F-459D-B5AA-9F45FE24AFD2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*", "matchCriteriaId": "657515D9-D609-4F76-9154-5ACC773A1C70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*", "matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F66A898-3C7A-4D44-86BD-89129F04E654", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*", "matchCriteriaId": "B612B044-C7D1-4662-AB2A-5400E34A3CA7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}, {"lang": "es", "value": "Una posible lectura excesiva del b\u00fafer debido a una falta de comprobaci\u00f3n de la longitud mientras parpadean las im\u00e1genes meta en Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}], "id": "CVE-2021-1899", "lastModified": "2021-07-15T18:39:40.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "product-security@qualcomm.com", "type": "Secondary"}]}, "published": "2021-07-13T06:15:08.337", "references": [{"source": "product-security@qualcomm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}