Skip to main content

Qualcomm Snapdragon CVE-2026-21383

| EUVDEUVD-2026-41930 HIGH
Reusing a Nonce, Key Pair in Encryption (CWE-323)
2026-07-06 qualcomm GHSA-3p8m-mr3f-jqg6
7.1
CVSS 3.1 · Vendor: qualcomm
Share

Severity by source

Vendor (qualcomm) PRIMARY
7.1 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
6.3 MEDIUM

Local low-privilege access (AV:L/PR:L); nonce-reuse recovery requires capturing multiple ciphertexts and cryptanalysis so AC:H; key confidentiality and integrity forgery give C:H/I:H, no availability impact (A:N).

3.1 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
4.0 AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (qualcomm).

CVSS VectorVendor: qualcomm

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 06, 2026 - 21:08 vuln.today

DescriptionCVE.org

Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.

AnalysisAI

Sensitive key material can be exposed in Qualcomm Snapdragon platforms because AES-GCM key wrapping is performed with a hardcoded/static initialization vector instead of a unique per-call nonce. A local, low-privileged attacker who can collect multiple wrapped outputs can exploit the resulting IV/nonce reuse to recover confidentiality and forge integrity of wrapped keys. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local low-privilege code execution
Delivery
Invoke AES-GCM key-wrap routine repeatedly
Exploit
Collect outputs sharing static IV
Execution
Exploit GCM nonce reuse (recover keystream/GHASH key)
Impact
Disclose or forge wrapped key material

Vulnerability AssessmentAI

Exploitation Exploitation requires local access with at least low privileges (AV:L/PR:L) on a Snapdragon device and the ability to invoke the affected AES-GCM key-wrapping function and collect multiple outputs that are all produced with the same static initialization vector - the reused IV is the exact enabling condition. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) reflects a locally-exploitable, low-privilege flaw with high confidentiality and integrity impact but no availability impact, consistent with the 'Information Disclosure' tag and a key-material compromise. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A malicious app or low-privileged local process on a Snapdragon-based device repeatedly invokes the vulnerable AES-GCM key-wrapping routine and captures multiple outputs that all share the same static IV. By exploiting the GCM nonce reuse, the attacker recovers keystream/authentication-subkey information to disclose protected key material or forge valid wrapped blobs. …
Remediation Patch available per vendor advisory: apply the Qualcomm-supplied fixes referenced in the July 2026 Security Bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html), which are typically delivered to device OEMs and reach end users through downstream firmware/OS updates - so also track and apply the corresponding OEM/carrier security update once available. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Conduct comprehensive inventory of Snapdragon-based devices (mobile phones, IoT endpoints, automotive platforms) and identify which systems process sensitive cryptographic key material. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-25293 CRITICAL
9.6 May 04

Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unau

CVE-2026-25268 HIGH
8.8 Jul 06

Local privilege escalation and memory corruption in Qualcomm Snapdragon WLAN firmware occurs when the driver parses malf

CVE-2026-25277 HIGH
8.8 Jun 01

Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer o

CVE-2026-25276 HIGH
8.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox tr

CVE-2025-47392 HIGH
8.8 Apr 06

Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution

CVE-2026-24088 HIGH
8.2 Jun 01

Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a speci

CVE-2026-21379 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects Qualcomm Snapdragon platforms, where allocating memory with siz

CVE-2025-59616 HIGH
7.8 Jul 06

Use-after-free memory corruption in Qualcomm Snapdragon platform driver code allows a local low-privileged process to tr

CVE-2025-59615 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects a broad range of Qualcomm Snapdragon chipsets, where a use-afte

CVE-2026-25259 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multip

CVE-2026-25258 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during

CVE-2025-59606 HIGH
7.8 Jun 01

Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged

Share

CVE-2026-21383 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy