CVE-2021-30309

Q: What is the severity of CVE-2021-30309?

CVE-2021-30309 has a CVSS score of 7.8 (HIGH). CVE-2021-30309 is a buffer overflow vulnerability in Qualcomm Snapdragon chipsets where improper validation of QXDM diagnostic command sizes can lead to memory corruption. This affects devices using vulnerable Snapdragon Compute, Consumer IoT, Industrial IoT, and Mobile chipsets. Attackers could potentially execute arbitrary code or cause denial of service.

7.8 HIGH

Buffer Overflow

📋 TL;DR

CVE-2021-30309 is a buffer overflow vulnerability in Qualcomm Snapdragon chipsets where improper validation of QXDM diagnostic command sizes can lead to memory corruption. This affects devices using vulnerable Snapdragon Compute, Consumer IoT, Industrial IoT, and Mobile chipsets. Attackers could potentially execute arbitrary code or cause denial of service.

💻 Affected Systems

Products:

Snapdragon Compute
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile

Versions: Specific chipset versions not detailed in public advisory; affected by firmware versions before February 2022 patches.

Operating Systems: Android, Linux-based IoT operating systems

Default Config Vulnerable: ⚠️ Yes

Notes: Requires access to QXDM diagnostic interface which may be disabled or restricted in some configurations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Denial of service through system crashes or instability, potentially requiring device restart or factory reset.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthorized QXDM command access.

🌐 Internet-Facing: MEDIUM - Requires access to QXDM diagnostic interface which may be exposed in some configurations, but typically not internet-facing by default.

🏢 Internal Only: HIGH - If internal attackers or compromised internal systems can access QXDM interfaces, exploitation is possible.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires sending specially crafted QXDM commands to vulnerable interface. No public exploits available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates released in February 2022 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device. 4. Verify patch installation through version checks.

🔧 Temporary Workarounds

Disable QXDM diagnostic interface

all

Disable or restrict access to QXDM diagnostic services if not required for operations.

Device-specific configuration commands vary by manufacturer

Network segmentation

all

Isolate devices with vulnerable chipsets from untrusted networks.

🧯 If You Can't Patch

Implement strict network access controls to prevent unauthorized access to diagnostic interfaces
Monitor for abnormal QXDM command patterns and system crashes

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer's patched versions. Use Qualcomm tools to check chipset vulnerability status.

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: getprop ro.build.version.security_patch)

Verify Fix Applied:

Verify firmware version has been updated to post-February 2022 patches from device manufacturer.

📡 Detection & Monitoring

Log Indicators:

Unexpected system crashes
QXDM diagnostic service access logs showing abnormal command patterns
Kernel panic logs

Network Indicators:

Unusual traffic to diagnostic ports (typically 5514/tcp for QXDM)
Multiple connection attempts to diagnostic services

SIEM Query:

source_port=5514 AND (payload_size>normal_threshold OR command_pattern=malicious)

📊 Metadata

CVE ID: CVE-2021-30309

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-120

Published: February 11, 2022

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Mdm9650 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs603 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Sd660 Firmware by Qualcomm

Sd665 Firmware by Qualcomm

Sd690 5g Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd765 Firmware by Qualcomm

Sd765g Firmware by Qualcomm

Sd768g Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd870 Firmware by Qualcomm

Sdx12 Firmware by Qualcomm

Sdx55m Firmware by Qualcomm

Sdxr1 Firmware by Qualcomm

Sm7250p Firmware by Qualcomm

Wcd9326 Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3950 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wcn3990 Firmware by Qualcomm

Wcn3991 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn6850 Firmware by Qualcomm

Wcn6851 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm