CVE-2021-1912

Q: What is the severity of CVE-2021-1912?

CVE-2021-1912 has a CVSS score of 8.4 (HIGH). This integer overflow vulnerability in Qualcomm Snapdragon chipsets could allow attackers to execute arbitrary code or cause denial of service. It affects devices using vulnerable Snapdragon Auto, Compute, Connectivity, Industrial IoT, and Mobile platforms. Attackers could potentially gain elevated privileges on affected systems.

8.4 HIGH

📋 TL;DR

This integer overflow vulnerability in Qualcomm Snapdragon chipsets could allow attackers to execute arbitrary code or cause denial of service. It affects devices using vulnerable Snapdragon Auto, Compute, Connectivity, Industrial IoT, and Mobile platforms. Attackers could potentially gain elevated privileges on affected systems.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Industrial IOT
Snapdragon Mobile

Versions: Specific chipset versions not detailed in public advisory; requires checking Qualcomm security bulletin for exact affected components

Operating Systems: Android, Linux-based automotive/industrial systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Qualcomm chipset firmware/drivers; vulnerability exists at hardware/firmware level affecting multiple device types

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or persistent backdoor installation on affected devices.

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated permissions on already compromised devices or denial of service crashes.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, potentially only denial of service if exploitation attempts are blocked.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access or ability to execute code on device; integer overflow vulnerabilities typically require specific conditions to exploit

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm November 2021 security bulletin for specific chipset/firmware versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates 2. Apply Qualcomm-provided patches through OEM updates 3. Reboot device after update 4. Verify patch installation

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected devices from untrusted networks to reduce attack surface

Access Control Restrictions

all

Limit user/application privileges to reduce impact of potential privilege escalation

🧯 If You Can't Patch

Isolate affected devices in separate network segments with strict firewall rules
Implement application allowlisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check device chipset version and firmware against Qualcomm security bulletin; contact device manufacturer for vulnerability assessment

Check Version:

Device-specific commands vary by manufacturer; typically 'cat /proc/cpuinfo' or manufacturer-specific system info commands

Verify Fix Applied:

Verify firmware version has been updated to patched version specified in Qualcomm advisory

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Driver/firmware crash reports
Unexpected privilege escalation attempts

Network Indicators:

Unusual outbound connections from embedded/IoT devices
Anomalous traffic patterns from affected systems

SIEM Query:

Search for: kernel panic events OR driver crash events OR privilege escalation attempts on devices with Qualcomm chipsets

📊 Metadata

CVE ID: CVE-2021-1912

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-190

Published: November 12, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcx315 Firmware by Qualcomm

Sa415m Firmware by Qualcomm

Sa515m Firmware by Qualcomm

Sd 8c Firmware by Qualcomm

Sd 8cx Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd870 Firmware by Qualcomm

Sdx24 Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Sdx55m Firmware by Qualcomm

Sdxr2 5g Firmware by Qualcomm

Wcd9340 Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn6750 Firmware by Qualcomm

Wcn6850 Firmware by Qualcomm

Wcn6851 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm