CVE-2021-35108

Description

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile

CVSS breakdown

CVSS 3.1

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Qualcomm, Inc. / Snapdragon Connectivity, Snapdragon MobileSD 8 Gen1 5G, SM7450, SM8475, SM8475P, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8830, WSA8832, WSA8835 – SD 8 Gen1 5G, SM7450, SM8475, SM8475P, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8830, WSA8832, WSA8835

References

MISChttps://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin