What is the severity of CVE-2021-1892?

CVE-2021-1892 is categorized as a high severity vulnerability due to memory corruption that could allow an attacker to execute arbitrary code.

How do I fix CVE-2021-1892?

To fix CVE-2021-1892, it is recommended to update the affected Qualcomm firmware to the latest version provided by Qualcomm.

Which devices are affected by CVE-2021-1892?

CVE-2021-1892 affects various Qualcomm devices including the aqt1000 and Pm8005 firmware among others.

What type of vulnerability is CVE-2021-1892?

CVE-2021-1892 is a memory corruption vulnerability caused by improper input validation in several Qualcomm firmware components.

Can CVE-2021-1892 be exploited remotely?

Yes, CVE-2021-1892 may be exploited remotely if an attacker can send malicious IO control commands to the vulnerable devices.

Vulnerability/
CVE-2021-1892

high

8.4

CWE

20 787

7/4/2021

3/8/2024

CVE-2021-1892: Input Validation

First published: Wed Apr 07 2021(Updated: )

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm aqt1000 firmware
Qualcomm aqt1000
Qualcomm Pm8005 Firmware
Qualcomm pm8005
Qualcomm Pm855 Firmware
Qualcomm pm855
Qualcomm Pm855p Firmware
Qualcomm pm855p
Qualcomm Pm8998 Firmware
Qualcomm pm8998
Qualcomm Pmi8998 Firmware
Qualcomm Pmi8998
Qualcomm Qat3550 Firmware
Qualcomm Qat3550
qualcomm qca1062 Firmware
qualcomm qca1062
qualcomm qca1064 Firmware
qualcomm qca1064
qualcomm qca2066 Firmware
qualcomm qca2066
Qualcomm Qca6164 Firmware
Qualcomm Qca6164
Qualcomm Qca6174 Firmware
Qualcomm Qca6174
Qualcomm qca6174a firmware
Qualcomm qca6174a
qualcomm qca6310 firmware
qualcomm qca6310
Qualcomm qca6335 firmware
Qualcomm qca6335
qualcomm qca6391 firmware
qualcomm qca6391
Qualcomm qca6420 firmware
Qualcomm qca6420
Qualcomm qca6430 firmware
Qualcomm qca6430
qualcomm qca6595au firmware
qualcomm qca6595au
Qualcomm qca9377 firmware
Qualcomm qca9377
qualcomm qcn7605 Firmware
qualcomm qcn7605
qualcomm qcn7606 Firmware
qualcomm qcn7606
Qualcomm Qet4100 Firmware
Qualcomm Qet4100
Qualcomm Qfe2081fc Firmware
Qualcomm Qfe2081fc
Qualcomm Qfe2082fc Firmware
Qualcomm Qfe2082fc
Qualcomm Qfe3100 Firmware
Qualcomm Qfe3100
Qualcomm Qfe3440fc Firmware
Qualcomm Qfe3440fc
Qualcomm Qfe4455fc Firmware
Qualcomm Qfe4455fc
Qualcomm Qln1035bd Firmware
Qualcomm Qln1035bd
Qualcomm Sd8c Firmware
Qualcomm Sd8c
Qualcomm Sd8cx Firmware
Qualcomm Sd8cx
Qualcomm sd835 firmware
Qualcomm sd835
Qualcomm sd845 firmware
Qualcomm sd845
qualcomm sd850 firmware
qualcomm sd850
Qualcomm Sdr8150 Firmware
Qualcomm Sdr8150
Qualcomm Smb1350 Firmware
Qualcomm Smb1350
Qualcomm Smb1351 Firmware
Qualcomm Smb1351
Qualcomm Smb1380 Firmware
Qualcomm Smb1380
Qualcomm Smb1381 Firmware
Qualcomm Smb1381
Qualcomm Smb1390 Firmware
Qualcomm Smb1390
Qualcomm Smb2351 Firmware
Qualcomm Smb2351
Qualcomm wcd9335 firmware
qualcomm wcd9335
qualcomm wcd9340 firmware
qualcomm wcd9340
qualcomm wcd9341 firmware
qualcomm wcd9341
qualcomm wcn3990 firmware
qualcomm wcn3990
Qualcomm wcn3998 firmware
Qualcomm wcn3998
Qualcomm WCN6850 Firmware
Qualcomm WCN6850 Firmware
Qualcomm WCN6851 Firmware
Qualcomm WCN6851 Firmware
Qualcomm wcn6855 firmware
qualcomm wcn6855
Qualcomm wcn6856 firmware
qualcomm wcn6856
Qualcomm Wgr7640 Firmware
Qualcomm Wgr7640
qualcomm wsa8810 firmware
qualcomm wsa8810
qualcomm wsa8815 firmware
qualcomm wsa8815
Qualcomm Wtr5975 Firmware
Qualcomm Wtr5975

Never miss a vulnerability like this again

Reference Links

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Frequently Asked Questions

What is the severity of CVE-2021-1892?
CVE-2021-1892 is categorized as a high severity vulnerability due to memory corruption that could allow an attacker to execute arbitrary code.
How do I fix CVE-2021-1892?
To fix CVE-2021-1892, it is recommended to update the affected Qualcomm firmware to the latest version provided by Qualcomm.
Which devices are affected by CVE-2021-1892?
CVE-2021-1892 affects various Qualcomm devices including the aqt1000 and Pm8005 firmware among others.
What type of vulnerability is CVE-2021-1892?
CVE-2021-1892 is a memory corruption vulnerability caused by improper input validation in several Qualcomm firmware components.
Can CVE-2021-1892 be exploited remotely?
Yes, CVE-2021-1892 may be exploited remotely if an attacker can send malicious IO control commands to the vulnerable devices.

CVE-2021-1892: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-1892?

How do I fix CVE-2021-1892?

Which devices are affected by CVE-2021-1892?

What type of vulnerability is CVE-2021-1892?

Can CVE-2021-1892 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2021-1892?

How do I fix CVE-2021-1892?

Which devices are affected by CVE-2021-1892?

What type of vulnerability is CVE-2021-1892?

Can CVE-2021-1892 be exploited remotely?