CVE-2021-30300

Q: What is the severity of CVE-2021-30300?

CVE-2021-30300 has a CVSS score of 7.5 (HIGH). This vulnerability in Qualcomm Snapdragon chipsets allows denial of service attacks due to improper hex data decoding in SIB2 OTA messages. When processing SRS configuration, the system assigns garbage values, potentially crashing affected devices. This affects numerous Snapdragon-based products across automotive, compute, IoT, wearables, and other sectors.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in Qualcomm Snapdragon chipsets allows denial of service attacks due to improper hex data decoding in SIB2 OTA messages. When processing SRS configuration, the system assigns garbage values, potentially crashing affected devices. This affects numerous Snapdragon-based products across automotive, compute, IoT, wearables, and other sectors.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Voice & Music
Snapdragon Wearables

Versions: Specific chipset versions not detailed in bulletin; affected by firmware versions prior to January 2022 patches.

Operating Systems: Android-based systems and other embedded OS using affected Snapdragon chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in baseband/modem firmware of affected Snapdragon chipsets; exact product models depend on chipset implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device crash or reboot, rendering the device unusable until manually restarted or requiring hardware intervention.

🟠

Likely Case

Service disruption on affected devices when processing malformed SIB2 OTA messages, causing temporary loss of connectivity or functionality.

🟢

If Mitigated

Minimal impact with proper network filtering and updated firmware preventing exploitation attempts.

🌐 Internet-Facing: MEDIUM - Requires receiving specially crafted OTA messages, which could come from network sources.

🏢 Internal Only: LOW - Exploitation requires specific message injection capabilities within the network.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting and sending malformed SIB2 OTA messages to target devices; requires network access to the device's cellular/baseband interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates released in January 2022 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device after update. 4. Verify patch installation through version checks.

🔧 Temporary Workarounds

Network filtering

all

Implement network-level filtering to block malformed SIB2 OTA messages

Access control

all

Restrict network access to baseband interfaces of affected devices

🧯 If You Can't Patch

Segment affected devices on isolated networks to limit attack surface
Implement strict network monitoring for unusual OTA message patterns

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against January 2022 Qualcomm security bulletin; devices with pre-January 2022 firmware are likely vulnerable.

Check Version:

Device-specific commands vary by manufacturer; typically 'adb shell getprop ro.build.fingerprint' or manufacturer-specific firmware check utilities.

Verify Fix Applied:

Verify firmware version has been updated to include January 2022 security patches from Qualcomm.

📡 Detection & Monitoring

Log Indicators:

Unexpected device reboots
Baseband/modem crash logs
SIB2 message processing errors

Network Indicators:

Unusual OTA message patterns targeting SIB2
Spike in malformed cellular protocol messages

SIEM Query:

Search for: 'SIB2 processing error' OR 'baseband crash' OR 'modem restart' in device logs

📊 Metadata

CVE ID: CVE-2021-30300

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-704

Published: January 13, 2022

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009w Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fsm10055 Firmware by Qualcomm

Fsm10056 Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm9150 Firmware by Qualcomm

Mdm9205 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9207 Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Mdm9640 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584 Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcx315 Firmware by Qualcomm

Qsw8573 Firmware by Qualcomm

Sa415m Firmware by Qualcomm

Sa515m Firmware by Qualcomm

Sa6145p Firmware by Qualcomm

Sa6150p Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8145p Firmware by Qualcomm

Sa8150p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sd 675 Firmware by Qualcomm

Sd 8 Gen1 5g Firmware by Qualcomm

Sd 8cx Gen2 Firmware by Qualcomm

Sd205 Firmware by Qualcomm

Sd210 Firmware by Qualcomm

Sd429 Firmware by Qualcomm

Sd460 Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd662 Firmware by Qualcomm

Sd665 Firmware by Qualcomm

Sd675 Firmware by Qualcomm

Sd678 Firmware by Qualcomm

Sd690 5g Firmware by Qualcomm

Sd720g Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd750g Firmware by Qualcomm

Sd765 Firmware by Qualcomm

Sd765g Firmware by Qualcomm

Sd768g Firmware by Qualcomm

Sd7c Firmware by Qualcomm

Sd850 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd870 Firmware by Qualcomm

Sda429w Firmware by Qualcomm