Vulnerability identifier: #VU56335
Vulnerability risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-126
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
AQT1000
Mobile applications /
Mobile firmware & hardware
AR8035
Mobile applications /
Mobile firmware & hardware
CSR8811
Mobile applications /
Mobile firmware & hardware
CSRB31024
Mobile applications /
Mobile firmware & hardware
IPQ5010
Mobile applications /
Mobile firmware & hardware
IPQ5018
Mobile applications /
Mobile firmware & hardware
IPQ6000
Mobile applications /
Mobile firmware & hardware
IPQ6005
Mobile applications /
Mobile firmware & hardware
IPQ6010
Mobile applications /
Mobile firmware & hardware
IPQ6018
Mobile applications /
Mobile firmware & hardware
IPQ6028
Mobile applications /
Mobile firmware & hardware
IPQ8070
Mobile applications /
Mobile firmware & hardware
IPQ8070A
Mobile applications /
Mobile firmware & hardware
IPQ8071
Mobile applications /
Mobile firmware & hardware
IPQ8071A
Mobile applications /
Mobile firmware & hardware
IPQ8072
Mobile applications /
Mobile firmware & hardware
IPQ8072A
Mobile applications /
Mobile firmware & hardware
IPQ8074A
Mobile applications /
Mobile firmware & hardware
IPQ8076
Mobile applications /
Mobile firmware & hardware
IPQ8076A
Mobile applications /
Mobile firmware & hardware
IPQ8078
Mobile applications /
Mobile firmware & hardware
IPQ8078A
Mobile applications /
Mobile firmware & hardware
IPQ8173
Mobile applications /
Mobile firmware & hardware
IPQ8174
Mobile applications /
Mobile firmware & hardware
QCA1062
Mobile applications /
Mobile firmware & hardware
QCA1064
Mobile applications /
Mobile firmware & hardware
QCA2062
Mobile applications /
Mobile firmware & hardware
QCA2064
Mobile applications /
Mobile firmware & hardware
QCA2065
Mobile applications /
Mobile firmware & hardware
QCA2066
Mobile applications /
Mobile firmware & hardware
QCA4024
Mobile applications /
Mobile firmware & hardware
QCA6175A
Mobile applications /
Mobile firmware & hardware
QCA6390
Mobile applications /
Mobile firmware & hardware
QCA6391
Mobile applications /
Mobile firmware & hardware
QCA6420
Mobile applications /
Mobile firmware & hardware
QCA6421
Mobile applications /
Mobile firmware & hardware
QCA6426
Mobile applications /
Mobile firmware & hardware
QCA6428
Mobile applications /
Mobile firmware & hardware
QCA6430
Mobile applications /
Mobile firmware & hardware
QCA6431
Mobile applications /
Mobile firmware & hardware
QCA6436
Mobile applications /
Mobile firmware & hardware
QCA6438
Mobile applications /
Mobile firmware & hardware
QCA6564A
Mobile applications /
Mobile firmware & hardware
QCA6564AU
Mobile applications /
Mobile firmware & hardware
QCA6574
Mobile applications /
Mobile firmware & hardware
QCA6574A
Mobile applications /
Mobile firmware & hardware
QCA6584AU
Mobile applications /
Mobile firmware & hardware
QCA6595
Mobile applications /
Mobile firmware & hardware
QCA6595AU
Mobile applications /
Mobile firmware & hardware
QCA6694
Mobile applications /
Mobile firmware & hardware
QCA6696
Mobile applications /
Mobile firmware & hardware
QCA8072
Mobile applications /
Mobile firmware & hardware
QCA8075
Mobile applications /
Mobile firmware & hardware
QCA8081
Mobile applications /
Mobile firmware & hardware
QCA8337
Mobile applications /
Mobile firmware & hardware
QCA9888
Mobile applications /
Mobile firmware & hardware
QCA9889
Mobile applications /
Mobile firmware & hardware
QCA9984
Mobile applications /
Mobile firmware & hardware
QCN5021
Mobile applications /
Mobile firmware & hardware
QCN5022
Mobile applications /
Mobile firmware & hardware
QCN5024
Mobile applications /
Mobile firmware & hardware
QCN5052
Mobile applications /
Mobile firmware & hardware
QCN5054
Mobile applications /
Mobile firmware & hardware
QCN5064
Mobile applications /
Mobile firmware & hardware
QCN5121
Mobile applications /
Mobile firmware & hardware
QCN5122
Mobile applications /
Mobile firmware & hardware
QCN5124
Mobile applications /
Mobile firmware & hardware
QCN5152
Mobile applications /
Mobile firmware & hardware
QCN5154
Mobile applications /
Mobile firmware & hardware
QCN5164
Mobile applications /
Mobile firmware & hardware
QCN5550
Mobile applications /
Mobile firmware & hardware
QCN6023
Mobile applications /
Mobile firmware & hardware
QCN6024
Mobile applications /
Mobile firmware & hardware
QCN9000
Mobile applications /
Mobile firmware & hardware
QCN9012
Mobile applications /
Mobile firmware & hardware
QCN9022
Mobile applications /
Mobile firmware & hardware
QCN9024
Mobile applications /
Mobile firmware & hardware
QCN9070
Mobile applications /
Mobile firmware & hardware
QCN9072
Mobile applications /
Mobile firmware & hardware
QCN9074
Mobile applications /
Mobile firmware & hardware
QCN9100
Mobile applications /
Mobile firmware & hardware
QCX315
Mobile applications /
Mobile firmware & hardware
QSM8350
Mobile applications /
Mobile firmware & hardware
SA415M
Mobile applications /
Mobile firmware & hardware
SA515M
Mobile applications /
Mobile firmware & hardware
SA6145P
Mobile applications /
Mobile firmware & hardware
SA6150P
Mobile applications /
Mobile firmware & hardware
SA6155
Mobile applications /
Mobile firmware & hardware
SA8145P
Mobile applications /
Mobile firmware & hardware
SA8150P
Mobile applications /
Mobile firmware & hardware
SA8155
Mobile applications /
Mobile firmware & hardware
SA8155P
Mobile applications /
Mobile firmware & hardware
SA8195P
Mobile applications /
Mobile firmware & hardware
SC8280XP
Mobile applications /
Mobile firmware & hardware
SD8C
Mobile applications /
Mobile firmware & hardware
SD8CX
Mobile applications /
Mobile firmware & hardware
SD8655G
Mobile applications /
Mobile firmware & hardware
SD870
Mobile applications /
Mobile firmware & hardware
SD8885G
Mobile applications /
Mobile firmware & hardware
SDX55M
Mobile applications /
Mobile firmware & hardware
SDXR25G
Mobile applications /
Mobile firmware & hardware
WCD9340
Mobile applications /
Mobile firmware & hardware
WCD9341
Mobile applications /
Mobile firmware & hardware
WCD9360
Mobile applications /
Mobile firmware & hardware
WCD9380
Mobile applications /
Mobile firmware & hardware
WCD9385
Mobile applications /
Mobile firmware & hardware
WCN3998
Mobile applications /
Mobile firmware & hardware
WCN6745
Mobile applications /
Mobile firmware & hardware
WCN6750
Mobile applications /
Mobile firmware & hardware
WCN6850
Mobile applications /
Mobile firmware & hardware
WCN6851
Mobile applications /
Mobile firmware & hardware
WCN6855
Mobile applications /
Mobile firmware & hardware
WCN6856
Mobile applications /
Mobile firmware & hardware
WSA8810
Mobile applications /
Mobile firmware & hardware
WSA8815
Mobile applications /
Mobile firmware & hardware
WSA8830
Mobile applications /
Mobile firmware & hardware
WSA8835
Mobile applications /
Mobile firmware & hardware
IPQ8074
Hardware solutions /
Firmware
QCA6574AU
Hardware solutions /
Firmware
SA6155P
Hardware solutions /
Firmware
SDX55
Hardware solutions /
Firmware
Vendor: Qualcomm
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to lack of physical layer state validation within the WLAN HAL. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
AQT1000: All versions
AR8035: All versions
CSR8811: All versions
CSRB31024: All versions
IPQ5010: All versions
IPQ5018: All versions
IPQ6000: All versions
IPQ6005: All versions
IPQ6010: All versions
IPQ6018: All versions
IPQ6028: All versions
IPQ8070: All versions
IPQ8070A: All versions
IPQ8071: All versions
IPQ8071A: All versions
IPQ8072: All versions
IPQ8072A: All versions
IPQ8074: All versions
IPQ8074A: All versions
IPQ8076: All versions
IPQ8076A: All versions
IPQ8078: All versions
IPQ8078A: All versions
IPQ8173: All versions
IPQ8174: All versions
QCA1062: All versions
QCA1064: All versions
QCA2062: All versions
QCA2064: All versions
QCA2065: All versions
QCA2066: All versions
QCA4024: All versions
QCA6175A: All versions
QCA6390: All versions
QCA6391: All versions
QCA6420: All versions
QCA6421: All versions
QCA6426: All versions
QCA6428: All versions
QCA6430: All versions
QCA6431: All versions
QCA6436: All versions
QCA6438: All versions
QCA6564A: All versions
QCA6564AU: All versions
QCA6574: All versions
QCA6574A: All versions
QCA6574AU: All versions
QCA6584AU: All versions
QCA6595: All versions
QCA6595AU: All versions
QCA6694: All versions
QCA6696: All versions
QCA8072: All versions
QCA8075: All versions
QCA8081: All versions
QCA8337: All versions
QCA9888: All versions
QCA9889: All versions
QCA9984: All versions
QCN5021: All versions
QCN5022: All versions
QCN5024: All versions
QCN5052: All versions
QCN5054: All versions
QCN5064: All versions
QCN5121: All versions
QCN5122: All versions
QCN5124: All versions
QCN5152: All versions
QCN5154: All versions
QCN5164: All versions
QCN5550: All versions
QCN6023: All versions
QCN6024: All versions
QCN9000: All versions
QCN9012: All versions
QCN9022: All versions
QCN9024: All versions
QCN9070: All versions
QCN9072: All versions
QCN9074: All versions
QCN9100: All versions
QCX315: All versions
QSM8350: All versions
SA415M: All versions
SA515M: All versions
SA6145P: All versions
SA6150P: All versions
SA6155: All versions
SA6155P: All versions
SA8145P: All versions
SA8150P: All versions
SA8155: All versions
SA8155P: All versions
SA8195P: All versions
SC8280XP: All versions
SD8C: All versions
SD8CX: All versions
SD8655G: All versions
SD870: All versions
SD8885G: All versions
SDX55: All versions
SDX55M: All versions
SDXR25G: All versions
WCD9340: All versions
WCD9341: All versions
WCD9360: All versions
WCD9380: All versions
WCD9385: All versions
WCN3998: All versions
WCN6745: All versions
WCN6750: All versions
WCN6850: All versions
WCN6851: All versions
WCN6855: All versions
WCN6856: All versions
WSA8810: All versions
WSA8815: All versions
WSA8830: All versions
WSA8835: All versions
External links
http://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.