Vulnerability identifier: #VU51656
Vulnerability risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-823
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Mobile applications / Mobile firmware & hardware: AR7420, AR9580, CSR8811, IPQ4018, IPQ4028, IPQ4029, QCA10901, QCA4024, QCA7500, QCA7520, QCA7550, QCA8075, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9984, QCA9992, QCA9994, QCN3018, QFE1922, QFE1952, WCD9340, WSA8810
Hardware solutions / Firmware: IPQ4019
Vendor: Qualcomm
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in WIN TZ FW when processing a pointer to a buffer in TrustZone. A local user can run a specially crafted program to trigger an out-of-bounds pointer offset and execute arbitrary code on the system with elevated privileges.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
AR7420: All versions
AR9580: All versions
CSR8811: All versions
IPQ4018: All versions
IPQ4019: All versions
IPQ4028: All versions
IPQ4029: All versions
QCA10901: All versions
QCA4024: All versions
QCA7500: All versions
QCA7520: All versions
QCA7550: All versions
QCA8075: All versions
QCA9880: All versions
QCA9886: All versions
QCA9888: All versions
QCA9889: All versions
QCA9898: All versions
QCA9984: All versions
QCA9992: All versions
QCA9994: All versions
QCN3018: All versions
QFE1922: All versions
QFE1952: All versions
WCD9340: All versions
WSA8810: All versions
External links
http://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.