What is CVE-2021-1892?

CVE-2021-1892 is a high-severity vulnerability in Qualcomm Aqt1000, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2021-04-07.

How severe is CVE-2021-1892?

High severity. CVSS v3 base score is 8.4 out of 10.

Buffer overflow in Qualcomm Aqt1000

CVE-2021-1892

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Vulnerability class: Buffer Overflow

EPSS: 0.002 (5.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qualcomm Aqt1000
Qualcomm Aqt1000_firmware
Qualcomm Pm8005
Qualcomm Pm8005_firmware
Qualcomm Pm855
Qualcomm Pm855_firmware
Qualcomm Pm855p
Qualcomm Pm855p_firmware
Qualcomm Pm8998
Qualcomm Pm8998_firmware

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

product-security@qualcomm.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2021-1892?: CVE-2021-1892 is a high-severity vulnerability in Qualcomm Aqt1000, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2021-04-07.
How severe is CVE-2021-1892?: High severity. CVSS v3 base score is 8.4 out of 10.