Vulnerability identifier: #VU51891
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: N/A
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
AQT1000
Mobile applications /
Mobile firmware & hardware
AR8035
Mobile applications /
Mobile firmware & hardware
FSM10055
Mobile applications /
Mobile firmware & hardware
FSM10056
Mobile applications /
Mobile firmware & hardware
PM3003A
Mobile applications /
Mobile firmware & hardware
PM7150A
Mobile applications /
Mobile firmware & hardware
PM7150L
Mobile applications /
Mobile firmware & hardware
PM7250
Mobile applications /
Mobile firmware & hardware
PM7250B
Mobile applications /
Mobile firmware & hardware
PM8004
Mobile applications /
Mobile firmware & hardware
PM8008
Mobile applications /
Mobile firmware & hardware
PM8009
Mobile applications /
Mobile firmware & hardware
PM8150
Mobile applications /
Mobile firmware & hardware
PM8150A
Mobile applications /
Mobile firmware & hardware
PM8150B
Mobile applications /
Mobile firmware & hardware
PM8150C
Mobile applications /
Mobile firmware & hardware
PM8150L
Mobile applications /
Mobile firmware & hardware
PM8250
Mobile applications /
Mobile firmware & hardware
PM855
Mobile applications /
Mobile firmware & hardware
PM855B
Mobile applications /
Mobile firmware & hardware
PM855L
Mobile applications /
Mobile firmware & hardware
PM855P
Mobile applications /
Mobile firmware & hardware
PMC1000H
Mobile applications /
Mobile firmware & hardware
PMK8002
Mobile applications /
Mobile firmware & hardware
PMR525
Mobile applications /
Mobile firmware & hardware
PMX50
Mobile applications /
Mobile firmware & hardware
PMX55
Mobile applications /
Mobile firmware & hardware
QAT3516
Mobile applications /
Mobile firmware & hardware
QAT3518
Mobile applications /
Mobile firmware & hardware
QAT3519
Mobile applications /
Mobile firmware & hardware
QAT3555
Mobile applications /
Mobile firmware & hardware
QAT5515
Mobile applications /
Mobile firmware & hardware
QAT5522
Mobile applications /
Mobile firmware & hardware
QAT5533
Mobile applications /
Mobile firmware & hardware
QBT2000
Mobile applications /
Mobile firmware & hardware
QCA6390
Mobile applications /
Mobile firmware & hardware
QCA6391
Mobile applications /
Mobile firmware & hardware
QCA6420
Mobile applications /
Mobile firmware & hardware
QCA6421
Mobile applications /
Mobile firmware & hardware
QCA6426
Mobile applications /
Mobile firmware & hardware
QCA6430
Mobile applications /
Mobile firmware & hardware
QCA6431
Mobile applications /
Mobile firmware & hardware
QCA6436
Mobile applications /
Mobile firmware & hardware
QCA6595AU
Mobile applications /
Mobile firmware & hardware
QCA6696
Mobile applications /
Mobile firmware & hardware
QCA8337
Mobile applications /
Mobile firmware & hardware
QDM2301
Mobile applications /
Mobile firmware & hardware
QDM2305
Mobile applications /
Mobile firmware & hardware
QDM3301
Mobile applications /
Mobile firmware & hardware
QDM5620
Mobile applications /
Mobile firmware & hardware
QDM5621
Mobile applications /
Mobile firmware & hardware
QDM5650
Mobile applications /
Mobile firmware & hardware
QDM5652
Mobile applications /
Mobile firmware & hardware
QDM5670
Mobile applications /
Mobile firmware & hardware
QDM5671
Mobile applications /
Mobile firmware & hardware
QDM5677
Mobile applications /
Mobile firmware & hardware
QDM5679
Mobile applications /
Mobile firmware & hardware
QET4101
Mobile applications /
Mobile firmware & hardware
QET5100
Mobile applications /
Mobile firmware & hardware
QET6110
Mobile applications /
Mobile firmware & hardware
QFS2530
Mobile applications /
Mobile firmware & hardware
QFS2580
Mobile applications /
Mobile firmware & hardware
QLN4642
Mobile applications /
Mobile firmware & hardware
QLN4650
Mobile applications /
Mobile firmware & hardware
QLN5020
Mobile applications /
Mobile firmware & hardware
QLN5030
Mobile applications /
Mobile firmware & hardware
QLN5040
Mobile applications /
Mobile firmware & hardware
QPA2625
Mobile applications /
Mobile firmware & hardware
QPA5580
Mobile applications /
Mobile firmware & hardware
QPA6560
Mobile applications /
Mobile firmware & hardware
QPA8673
Mobile applications /
Mobile firmware & hardware
QPA8686
Mobile applications /
Mobile firmware & hardware
QPA8801
Mobile applications /
Mobile firmware & hardware
QPA8802
Mobile applications /
Mobile firmware & hardware
QPA8803
Mobile applications /
Mobile firmware & hardware
QPA8821
Mobile applications /
Mobile firmware & hardware
QPA8842
Mobile applications /
Mobile firmware & hardware
QPM4650
Mobile applications /
Mobile firmware & hardware
QPM5541
Mobile applications /
Mobile firmware & hardware
QPM5577
Mobile applications /
Mobile firmware & hardware
QPM5579
Mobile applications /
Mobile firmware & hardware
QPM5620
Mobile applications /
Mobile firmware & hardware
QPM5621
Mobile applications /
Mobile firmware & hardware
QPM5657
Mobile applications /
Mobile firmware & hardware
QPM5658
Mobile applications /
Mobile firmware & hardware
QPM5670
Mobile applications /
Mobile firmware & hardware
QPM5677
Mobile applications /
Mobile firmware & hardware
QPM5679
Mobile applications /
Mobile firmware & hardware
QPM6325
Mobile applications /
Mobile firmware & hardware
QPM6375
Mobile applications /
Mobile firmware & hardware
QPM6582
Mobile applications /
Mobile firmware & hardware
QPM6585
Mobile applications /
Mobile firmware & hardware
QPM8820
Mobile applications /
Mobile firmware & hardware
QPM8830
Mobile applications /
Mobile firmware & hardware
QPM8895
Mobile applications /
Mobile firmware & hardware
QSM7250
Mobile applications /
Mobile firmware & hardware
QTC800H
Mobile applications /
Mobile firmware & hardware
QTC801S
Mobile applications /
Mobile firmware & hardware
QTM525
Mobile applications /
Mobile firmware & hardware
QTM527
Mobile applications /
Mobile firmware & hardware
SA515M
Mobile applications /
Mobile firmware & hardware
SD8C
Mobile applications /
Mobile firmware & hardware
SD8CX
Mobile applications /
Mobile firmware & hardware
SD765
Mobile applications /
Mobile firmware & hardware
SD765G
Mobile applications /
Mobile firmware & hardware
SD768G
Mobile applications /
Mobile firmware & hardware
SD8655G
Mobile applications /
Mobile firmware & hardware
SD870
Mobile applications /
Mobile firmware & hardware
SDR051
Mobile applications /
Mobile firmware & hardware
SDR052
Mobile applications /
Mobile firmware & hardware
SDR8150
Mobile applications /
Mobile firmware & hardware
SDR8250
Mobile applications /
Mobile firmware & hardware
SDR865
Mobile applications /
Mobile firmware & hardware
SDX50M
Mobile applications /
Mobile firmware & hardware
SDX55M
Mobile applications /
Mobile firmware & hardware
SDXR25G
Mobile applications /
Mobile firmware & hardware
SM7250P
Mobile applications /
Mobile firmware & hardware
SMB1355
Mobile applications /
Mobile firmware & hardware
SMB1381
Mobile applications /
Mobile firmware & hardware
SMB1390
Mobile applications /
Mobile firmware & hardware
SMB1395
Mobile applications /
Mobile firmware & hardware
SMB2351
Mobile applications /
Mobile firmware & hardware
SMR525
Mobile applications /
Mobile firmware & hardware
SMR526
Mobile applications /
Mobile firmware & hardware
WCD9340
Mobile applications /
Mobile firmware & hardware
WCD9341
Mobile applications /
Mobile firmware & hardware
WCD9380
Mobile applications /
Mobile firmware & hardware
WCD9385
Mobile applications /
Mobile firmware & hardware
WCN3991
Mobile applications /
Mobile firmware & hardware
WCN3998
Mobile applications /
Mobile firmware & hardware
WCN6750
Mobile applications /
Mobile firmware & hardware
WCN6850
Mobile applications /
Mobile firmware & hardware
WCN6851
Mobile applications /
Mobile firmware & hardware
WSA8810
Mobile applications /
Mobile firmware & hardware
WSA8815
Mobile applications /
Mobile firmware & hardware
SD855
Hardware solutions /
Firmware
SDX55
Hardware solutions /
Firmware
Vendor: Qualcomm
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in LTE module due to RRC sends a connection establishment success to NAS even though connection setup validation returns failure. A remote attacker can perform a denial of service attack.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
AQT1000: All versions
AR8035: All versions
FSM10055: All versions
FSM10056: All versions
PM3003A: All versions
PM7150A: All versions
PM7150L: All versions
PM7250: All versions
PM7250B: All versions
PM8004: All versions
PM8008: All versions
PM8009: All versions
PM8150: All versions
PM8150A: All versions
PM8150B: All versions
PM8150C: All versions
PM8150L: All versions
PM8250: All versions
PM855: All versions
PM855B: All versions
PM855L: All versions
PM855P: All versions
PMC1000H: All versions
PMK8002: All versions
PMR525: All versions
PMX50: All versions
PMX55: All versions
QAT3516: All versions
QAT3518: All versions
QAT3519: All versions
QAT3555: All versions
QAT5515: All versions
QAT5522: All versions
QAT5533: All versions
QBT2000: All versions
QCA6390: All versions
QCA6391: All versions
QCA6420: All versions
QCA6421: All versions
QCA6426: All versions
QCA6430: All versions
QCA6431: All versions
QCA6436: All versions
QCA6595AU: All versions
QCA6696: All versions
QCA8337: All versions
QDM2301: All versions
QDM2305: All versions
QDM3301: All versions
QDM5620: All versions
QDM5621: All versions
QDM5650: All versions
QDM5652: All versions
QDM5670: All versions
QDM5671: All versions
QDM5677: All versions
QDM5679: All versions
QET4101: All versions
QET5100: All versions
QET6110: All versions
QFS2530: All versions
QFS2580: All versions
QLN4642: All versions
QLN4650: All versions
QLN5020: All versions
QLN5030: All versions
QLN5040: All versions
QPA2625: All versions
QPA5580: All versions
QPA6560: All versions
QPA8673: All versions
QPA8686: All versions
QPA8801: All versions
QPA8802: All versions
QPA8803: All versions
QPA8821: All versions
QPA8842: All versions
QPM4650: All versions
QPM5541: All versions
QPM5577: All versions
QPM5579: All versions
QPM5620: All versions
QPM5621: All versions
QPM5657: All versions
QPM5658: All versions
QPM5670: All versions
QPM5677: All versions
QPM5679: All versions
QPM6325: All versions
QPM6375: All versions
QPM6582: All versions
QPM6585: All versions
QPM8820: All versions
QPM8830: All versions
QPM8895: All versions
QSM7250: All versions
QTC800H: All versions
QTC801S: All versions
QTM525: All versions
QTM527: All versions
SA515M: All versions
SD8C: All versions
SD8CX: All versions
SD765: All versions
SD765G: All versions
SD768G: All versions
SD855: All versions
SD8655G: All versions
SD870: All versions
SDR051: All versions
SDR052: All versions
SDR8150: All versions
SDR8250: All versions
SDR865: All versions
SDX50M: All versions
SDX55: All versions
SDX55M: All versions
SDXR25G: All versions
SM7250P: All versions
SMB1355: All versions
SMB1381: All versions
SMB1390: All versions
SMB1395: All versions
SMB2351: All versions
SMR525: All versions
SMR526: All versions
WCD9340: All versions
WCD9341: All versions
WCD9380: All versions
WCD9385: All versions
WCN3991: All versions
WCN3998: All versions
WCN6750: All versions
WCN6850: All versions
WCN6851: All versions
WSA8810: All versions
WSA8815: All versions
External links
http://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.