Qca2062 Firmware
CVE-2021-30304
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
AnalysisAI
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity Affected products include: Qualcomm Qca2062 Firmware, Qualcomm Qca2064 Firmware, Qualcomm Qca2065 Firmware, Qualcomm Qca2066 Firmware, Qualcomm Sc8280Xp Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.
More in Qca2062 Firmware
View allMemory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Co
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV
Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information. Rated high seve
Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated hig
Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Rated
Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (C
Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability i
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today