#VU61832 Buffer overflow in Qualcomm products - CVE-2021-30327
Published: April 4, 2022
Vulnerability identifier: #VU61832
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-30327
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
APQ8097
IPQ6000
IPQ6005
IPQ6010
IPQ6018
IPQ6028
MDM9205
MSM8997
QCA6595
QCA6595AU
QCN7605W
QCN7606
QCN7606W
QCS401
QCS402
QCS403
QCS404
QCS407
SA2145P
SA2150P
SA4150P
SA4155P
SA415M
SA4250P
SA515M
SA6115
SA6115P
SA6125
SA6125P
SA6145
SA6145P
SA615x
SA615xP
SA8150P
SA8155
SA8155P
SA8195P
SC7180
SC7180P
SC8180XP
SDA658
SDA670
SDA830
SDM640
SDM658
SDM712
SDM830
SDM850
SDPX55M
SDX24M
SM4250
SM6125
SM6150P
SM6250
SM6250P
SM7125
SM7150P
SM7250
SM7250P
SM8150P
SXR2130P
APQ8098
MSM8998
QCN7605
QCS405
SC8180X
SDA660
SDA845
SDM660
SDM670
SDM710
SDM845
SDX24
SDX55
SM6150
SM7150
SM8150
SM8250
SXR2130
APQ8097
IPQ6000
IPQ6005
IPQ6010
IPQ6018
IPQ6028
MDM9205
MSM8997
QCA6595
QCA6595AU
QCN7605W
QCN7606
QCN7606W
QCS401
QCS402
QCS403
QCS404
QCS407
SA2145P
SA2150P
SA4150P
SA4155P
SA415M
SA4250P
SA515M
SA6115
SA6115P
SA6125
SA6125P
SA6145
SA6145P
SA615x
SA615xP
SA8150P
SA8155
SA8155P
SA8195P
SC7180
SC7180P
SC8180XP
SDA658
SDA670
SDA830
SDM640
SDM658
SDM712
SDM830
SDM850
SDPX55M
SDX24M
SM4250
SM6125
SM6150P
SM6250
SM6250P
SM7125
SM7150P
SM7250
SM7250P
SM8150P
SXR2130P
APQ8098
MSM8998
QCN7605
QCS405
SC8180X
SDA660
SDA845
SDM660
SDM670
SDM710
SDM845
SDX24
SDX55
SM6150
SM7150
SM8150
SM8250
SXR2130
Software vendor:
Qualcomm
Qualcomm
Description
The vulnerability allows an attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the EDL Sahara protocol implementation. An attacker with physical access to device can trigger memory corruption and execute arbitrary code on the target system.
Remediation
Install updates from vendor's website.