Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00025.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Qualcomm Subscribe
Apq8053 Subscribe
Apq8053 Firmware Subscribe
Aqt1000 Subscribe
Aqt1000 Firmware Subscribe
Msm8953 Subscribe
Msm8953 Firmware Subscribe
Qca6390 Subscribe
Qca6390 Firmware Subscribe
Qca6391 Subscribe
Qca6391 Firmware Subscribe
Qca6420 Subscribe
Qca6420 Firmware Subscribe
Qca6426 Subscribe
Qca6426 Firmware Subscribe
Qca6430 Subscribe
Qca6430 Firmware Subscribe
Qca6436 Subscribe
Qca6436 Firmware Subscribe
Qcm4290 Subscribe
Qcm4290 Firmware Subscribe
Qcs4290 Subscribe
Qcs4290 Firmware Subscribe
Qcs603 Subscribe
Qcs603 Firmware Subscribe
Qcs605 Subscribe
Qcs605 Firmware Subscribe
Qualcomm215 Subscribe
Qualcomm215 Firmware Subscribe
Sd460 Subscribe
Sd460 Firmware Subscribe
Sd480 Subscribe
Sd480 Firmware Subscribe
Sd662 Subscribe
Sd662 Firmware Subscribe
Sd680 Subscribe
Sd680 Firmware Subscribe
Sd690 5g Subscribe
Sd690 5g Firmware Subscribe
Sd695 Subscribe
Sd695 Firmware Subscribe
Sd750g Subscribe
Sd750g Firmware Subscribe
Sd765 Subscribe
Sd765 Firmware Subscribe
Sd765g Subscribe
Sd765g Firmware Subscribe
Sd768g Subscribe
Sd768g Firmware Subscribe
Sd778g Subscribe
Sd778g Firmware Subscribe
Sd780g Subscribe
Sd780g Firmware Subscribe
Sd855 Subscribe
Sd855 Firmware Subscribe
Sd865 5g Subscribe
Sd865 5g Firmware Subscribe
Sd870 Subscribe
Sd870 Firmware Subscribe
Sd888 5g Subscribe
Sd888 5g Firmware Subscribe
Sdx55 Subscribe
Sdx55 Firmware Subscribe
Sdx55m Subscribe
Sdx55m Firmware Subscribe
Sdxr2 5g Subscribe
Sdxr2 5g Firmware Subscribe
Sm7250p Subscribe
Sm7250p Firmware Subscribe
Sm7325p Subscribe
Sm7325p Firmware Subscribe
Wcd9326 Subscribe
Wcd9326 Firmware Subscribe
Wcd9341 Subscribe
Wcd9341 Firmware Subscribe
Wcd9370 Subscribe
Wcd9370 Firmware Subscribe
Wcd9375 Subscribe
Wcd9375 Firmware Subscribe
Wcd9380 Subscribe
Wcd9380 Firmware Subscribe
Wcd9385 Subscribe
Wcd9385 Firmware Subscribe
Wcn3615 Subscribe
Wcn3615 Firmware Subscribe
Wcn3660b Subscribe
Wcn3660b Firmware Subscribe
Wcn3680 Subscribe
Wcn3680 Firmware Subscribe
Wcn3680b Subscribe
Wcn3680b Firmware Subscribe
Wcn3950 Subscribe
Wcn3950 Firmware Subscribe
Wcn3980 Subscribe
Wcn3980 Firmware Subscribe
Wcn3988 Subscribe
Wcn3988 Firmware Subscribe
Wcn3990 Subscribe
Wcn3990 Firmware Subscribe
Wcn3991 Subscribe
Wcn3991 Firmware Subscribe
Wcn3998 Subscribe
Wcn3998 Firmware Subscribe
Wcn6740 Subscribe
Wcn6740 Firmware Subscribe
Wcn6750 Subscribe
Wcn6750 Firmware Subscribe
Wcn6850 Subscribe
Wcn6850 Firmware Subscribe
Wcn6851 Subscribe
Wcn6851 Firmware Subscribe
Wcn6855 Subscribe
Wcn6855 Firmware Subscribe
Wcn6856 Subscribe
Wcn6856 Firmware Subscribe
Wsa8810 Subscribe
Wsa8810 Firmware Subscribe
Wsa8815 Subscribe
Wsa8815 Firmware Subscribe
Wsa8830 Subscribe
Wsa8830 Firmware Subscribe
Wsa8835 Subscribe
Wsa8835 Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd750g:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND
cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND
cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND
cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-21723 Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2024-08-04T00:33:51.063Z

Reserved: 2021-06-21T00:00:00

Link: CVE-2021-35079

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-14T10:15:15.943

Modified: 2024-11-21T06:11:49.637

Link: CVE-2021-35079

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses