CVE-2021-1937

Q: What is the severity of CVE-2021-1937?

CVE-2021-1937 has a CVSS score of 7.5 (HIGH). This vulnerability in Qualcomm Snapdragon chipsets allows an attacker to trigger a reachable assertion while processing WLAN peer association messages, potentially causing denial of service or remote code execution. It affects numerous Snapdragon product lines including Auto, Compute, Mobile, and Industrial IoT devices. The vulnerability requires sending specially crafted network packets to vulnerable devices.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in Qualcomm Snapdragon chipsets allows an attacker to trigger a reachable assertion while processing WLAN peer association messages, potentially causing denial of service or remote code execution. It affects numerous Snapdragon product lines including Auto, Compute, Mobile, and Industrial IoT devices. The vulnerability requires sending specially crafted network packets to vulnerable devices.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer Electronics Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wired Infrastructure and Networking

Versions: Multiple Snapdragon chipset versions (specific versions detailed in Qualcomm advisory)

Operating Systems: Android, Linux-based systems using affected Snapdragon chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using vulnerable Snapdragon chipsets with WLAN functionality enabled. The vulnerability is in the firmware/hardware layer.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, allowing attacker to execute arbitrary code with system privileges.

🟠

Likely Case

Denial of service causing device crashes or instability in WLAN functionality, disrupting network connectivity.

🟢

If Mitigated

Limited impact with proper network segmentation and firewall rules blocking malicious WLAN traffic.

🌐 Internet-Facing: MEDIUM - Devices with exposed WLAN interfaces could be targeted, but exploitation requires specific network access.

🏢 Internal Only: MEDIUM - Internal attackers on the same network could exploit this vulnerability against vulnerable devices.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted WLAN packets to vulnerable devices. No public exploit code has been released as of the advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Varies by device manufacturer - check with OEM for specific firmware updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply the firmware update provided by the OEM. 3. Reboot the device to complete the update. 4. Verify the patch is applied successfully.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate vulnerable devices on separate network segments to limit attack surface

WLAN Access Control

all

Implement strict WLAN access controls and authentication to prevent unauthorized devices from connecting

🧯 If You Can't Patch

Implement network monitoring for unusual WLAN traffic patterns
Consider disabling WLAN functionality if not required for device operation

🔍 How to Verify

Check if Vulnerable:

Check device specifications against affected Snapdragon chipsets and firmware version against OEM security updates

Check Version:

Device-specific commands vary by manufacturer (e.g., 'cat /proc/version' on Linux-based systems)

Verify Fix Applied:

Verify firmware version matches or exceeds the patched version provided by device manufacturer

📡 Detection & Monitoring

Log Indicators:

Unexpected device crashes or reboots
WLAN driver/interface errors in system logs
Failed association attempts with unusual parameters

Network Indicators:

Unusual WLAN traffic patterns
Malformed WLAN association packets
Traffic from unauthorized MAC addresses

SIEM Query:

Search for WLAN interface errors, device crash reports, or failed association attempts in system logs

📊 Metadata

CVE ID: CVE-2021-1937

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

Published: June 9, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Ar9380 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Ipq4018 Firmware by Qualcomm

Ipq4028 Firmware by Qualcomm

Ipq4029 Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5018 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6005 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8064 Firmware by Qualcomm

Ipq8069 Firmware by Qualcomm

Ipq8070 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071 Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072 Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074 Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Pmp8074 Firmware by Qualcomm

Qca1062 Firmware by Qualcomm

Qca1064 Firmware by Qualcomm

Qca2062 Firmware by Qualcomm

Qca2064 Firmware by Qualcomm

Qca2065 Firmware by Qualcomm

Qca2066 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6175a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6428 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6438 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8072 Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qca9898 Firmware by Qualcomm

Qca9980 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qca9990 Firmware by Qualcomm

Qca9992 Firmware by Qualcomm

Qca9994 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm