CVE-2021-35083

8.2 HIGH

📋 TL;DR

This vulnerability allows attackers to read memory beyond intended boundaries due to improper certificate chain validation in Qualcomm Snapdragon chipsets. It affects devices using vulnerable Snapdragon components for SSL/TLS or Internet Key Exchange (IKE) operations. The impact includes potential information disclosure and system compromise.

💻 Affected Systems

Products:

• Snapdragon Auto
• Snapdragon Compute
• Snapdragon Connectivity
• Snapdragon Consumer Electronics Connectivity
• Snapdragon Consumer IOT
• Snapdragon Industrial IOT
• Snapdragon Mobile
• Snapdragon Voice & Music
• Snapdragon Wearables

Versions: Specific chipset versions not detailed in bulletin; refer to Qualcomm advisory for exact affected versions

Operating Systems: Android, Linux-based embedded systems, Various RTOS implementations

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in firmware/software components handling SSL/TLS and IKE operations on affected Snapdragon platforms

📦 What is this software?

Apq8009 Firmware by Qualcomm

View all CVEs affecting Apq8009 Firmware →

Apq8009w Firmware by Qualcomm

View all CVEs affecting Apq8009w Firmware →

Apq8017 Firmware by Qualcomm

View all CVEs affecting Apq8017 Firmware →

Apq8037 Firmware by Qualcomm

View all CVEs affecting Apq8037 Firmware →

Apq8053 Firmware by Qualcomm

View all CVEs affecting Apq8053 Firmware →

Apq8096au Firmware by Qualcomm

View all CVEs affecting Apq8096au Firmware →

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Ar8031 Firmware by Qualcomm

View all CVEs affecting Ar8031 Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Csrb31024 Firmware by Qualcomm

View all CVEs affecting Csrb31024 Firmware →

Mdm9150 Firmware by Qualcomm

View all CVEs affecting Mdm9150 Firmware →

Mdm9206 Firmware by Qualcomm

View all CVEs affecting Mdm9206 Firmware →

Mdm9250 Firmware by Qualcomm

View all CVEs affecting Mdm9250 Firmware →

Mdm9607 Firmware by Qualcomm

View all CVEs affecting Mdm9607 Firmware →

Mdm9628 Firmware by Qualcomm

View all CVEs affecting Mdm9628 Firmware →

Mdm9640 Firmware by Qualcomm

View all CVEs affecting Mdm9640 Firmware →

Mdm9650 Firmware by Qualcomm

View all CVEs affecting Mdm9650 Firmware →

Msm8108 Firmware by Qualcomm

View all CVEs affecting Msm8108 Firmware →

Msm8208 Firmware by Qualcomm

View all CVEs affecting Msm8208 Firmware →

Msm8209 Firmware by Qualcomm

View all CVEs affecting Msm8209 Firmware →

Msm8608 Firmware by Qualcomm

View all CVEs affecting Msm8608 Firmware →

Msm8909w Firmware by Qualcomm

View all CVEs affecting Msm8909w Firmware →

Msm8917 Firmware by Qualcomm

View all CVEs affecting Msm8917 Firmware →

Msm8920 Firmware by Qualcomm

View all CVEs affecting Msm8920 Firmware →

Msm8937 Firmware by Qualcomm

View all CVEs affecting Msm8937 Firmware →

Msm8940 Firmware by Qualcomm

View all CVEs affecting Msm8940 Firmware →

Msm8953 Firmware by Qualcomm

View all CVEs affecting Msm8953 Firmware →

Msm8996au Firmware by Qualcomm

View all CVEs affecting Msm8996au Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6320 Firmware by Qualcomm

View all CVEs affecting Qca6320 Firmware →

Qca6335 Firmware by Qualcomm

View all CVEs affecting Qca6335 Firmware →

Qca6390 Firmware by Qualcomm

View all CVEs affecting Qca6390 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6564a Firmware by Qualcomm

View all CVEs affecting Qca6564a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6584 Firmware by Qualcomm

View all CVEs affecting Qca6584 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca9367 Firmware by Qualcomm

View all CVEs affecting Qca9367 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qca9379 Firmware by Qualcomm

View all CVEs affecting Qca9379 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm6125 Firmware by Qualcomm

View all CVEs affecting Qcm6125 Firmware →

Qcn7605 Firmware by Qualcomm

View all CVEs affecting Qcn7605 Firmware →

Qcn7606 Firmware by Qualcomm

View all CVEs affecting Qcn7606 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs405 Firmware by Qualcomm

View all CVEs affecting Qcs405 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs603 Firmware by Qualcomm

View all CVEs affecting Qcs603 Firmware →

Qcs605 Firmware by Qualcomm

View all CVEs affecting Qcs605 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6125 Firmware by Qualcomm

View all CVEs affecting Qcs6125 Firmware →

Qualcomm215 Firmware by Qualcomm

View all CVEs affecting Qualcomm215 Firmware →

Sa415m Firmware by Qualcomm

View all CVEs affecting Sa415m Firmware →

Sa515m Firmware by Qualcomm

View all CVEs affecting Sa515m Firmware →

Sc8180x\+sdx55 Firmware by Qualcomm

View all CVEs affecting Sc8180x\+sdx55 Firmware →

Sd 636 Firmware by Qualcomm

View all CVEs affecting Sd 636 Firmware →

Sd 675 Firmware by Qualcomm

View all CVEs affecting Sd 675 Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd 8cx Firmware by Qualcomm

View all CVEs affecting Sd 8cx Firmware →

Sd 8cx Gen2 Firmware by Qualcomm

View all CVEs affecting Sd 8cx Gen2 Firmware →

Sd210 Firmware by Qualcomm

View all CVEs affecting Sd210 Firmware →

Sd429 Firmware by Qualcomm

View all CVEs affecting Sd429 Firmware →

Sd439 Firmware by Qualcomm

View all CVEs affecting Sd439 Firmware →

Sd450 Firmware by Qualcomm

View all CVEs affecting Sd450 Firmware →

Sd460 Firmware by Qualcomm

View all CVEs affecting Sd460 Firmware →

Sd480 Firmware by Qualcomm

View all CVEs affecting Sd480 Firmware →

Sd632 Firmware by Qualcomm

View all CVEs affecting Sd632 Firmware →

Sd660 Firmware by Qualcomm

View all CVEs affecting Sd660 Firmware →

Sd662 Firmware by Qualcomm

View all CVEs affecting Sd662 Firmware →

Sd665 Firmware by Qualcomm

View all CVEs affecting Sd665 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd675 Firmware by Qualcomm

View all CVEs affecting Sd675 Firmware →

Sd678 Firmware by Qualcomm

View all CVEs affecting Sd678 Firmware →

Sd680 Firmware by Qualcomm

View all CVEs affecting Sd680 Firmware →

Sd690 5g Firmware by Qualcomm

View all CVEs affecting Sd690 5g Firmware →

Sd695 Firmware by Qualcomm

View all CVEs affecting Sd695 Firmware →

Sd710 Firmware by Qualcomm

View all CVEs affecting Sd710 Firmware →

Sd712 Firmware by Qualcomm

View all CVEs affecting Sd712 Firmware →

Sd720g Firmware by Qualcomm

View all CVEs affecting Sd720g Firmware →

Sd730 Firmware by Qualcomm

View all CVEs affecting Sd730 Firmware →

Sd750g Firmware by Qualcomm

View all CVEs affecting Sd750g Firmware →

Sd765 Firmware by Qualcomm

View all CVEs affecting Sd765 Firmware →

Sd765g Firmware by Qualcomm

View all CVEs affecting Sd765g Firmware →

Sd768g Firmware by Qualcomm

View all CVEs affecting Sd768g Firmware →

Sd778g Firmware by Qualcomm

View all CVEs affecting Sd778g Firmware →

Sd780g Firmware by Qualcomm

View all CVEs affecting Sd780g Firmware →

Sd7c Firmware by Qualcomm

View all CVEs affecting Sd7c Firmware →

Sd820 Firmware by Qualcomm

View all CVEs affecting Sd820 Firmware →

Sd821 Firmware by Qualcomm

View all CVEs affecting Sd821 Firmware →

Sd835 Firmware by Qualcomm

View all CVEs affecting Sd835 Firmware →

Sd845 Firmware by Qualcomm

View all CVEs affecting Sd845 Firmware →

Sd850 Firmware by Qualcomm

View all CVEs affecting Sd850 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd870 Firmware by Qualcomm

View all CVEs affecting Sd870 Firmware →

Sd888 5g Firmware by Qualcomm

View all CVEs affecting Sd888 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sdm429w Firmware by Qualcomm

View all CVEs affecting Sdm429w Firmware →

Sdm630 Firmware by Qualcomm

View all CVEs affecting Sdm630 Firmware →

Sdw2500 Firmware by Qualcomm

View all CVEs affecting Sdw2500 Firmware →

Sdx12 Firmware by Qualcomm

View all CVEs affecting Sdx12 Firmware →

Sdx20 Firmware by Qualcomm

View all CVEs affecting Sdx20 Firmware →

Sdx24 Firmware by Qualcomm

View all CVEs affecting Sdx24 Firmware →

Sdx50m Firmware by Qualcomm

View all CVEs affecting Sdx50m Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sdx55m Firmware by Qualcomm

View all CVEs affecting Sdx55m Firmware →

Sdx65 Firmware by Qualcomm

View all CVEs affecting Sdx65 Firmware →

Sdxr1 Firmware by Qualcomm

View all CVEs affecting Sdxr1 Firmware →

Sdxr2 5g Firmware by Qualcomm

View all CVEs affecting Sdxr2 5g Firmware →

Sm4125 Firmware by Qualcomm

View all CVEs affecting Sm4125 Firmware →

Sm6250 Firmware by Qualcomm

View all CVEs affecting Sm6250 Firmware →

Sm6250p Firmware by Qualcomm

View all CVEs affecting Sm6250p Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7450 Firmware by Qualcomm

View all CVEs affecting Sm7450 Firmware →

Sm8475 Firmware by Qualcomm

View all CVEs affecting Sm8475 Firmware →

Sm8475p Firmware by Qualcomm

View all CVEs affecting Sm8475p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9330 Firmware by Qualcomm

View all CVEs affecting Wcd9330 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9371 Firmware by Qualcomm

View all CVEs affecting Wcd9371 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcn3610 Firmware by Qualcomm

View all CVEs affecting Wcn3610 Firmware →

Wcn3615 Firmware by Qualcomm

View all CVEs affecting Wcn3615 Firmware →

Wcn3620 Firmware by Qualcomm

View all CVEs affecting Wcn3620 Firmware →

Wcn3660 Firmware by Qualcomm

View all CVEs affecting Wcn3660 Firmware →

Wcn3660b Firmware by Qualcomm

View all CVEs affecting Wcn3660b Firmware →

Wcn3680 Firmware by Qualcomm

View all CVEs affecting Wcn3680 Firmware →

Wcn3680b Firmware by Qualcomm

View all CVEs affecting Wcn3680b Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn3991 Firmware by Qualcomm

View all CVEs affecting Wcn3991 Firmware →

Wcn3998 Firmware by Qualcomm

View all CVEs affecting Wcn3998 Firmware →

Wcn3999 Firmware by Qualcomm

View all CVEs affecting Wcn3999 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6750 Firmware by Qualcomm

View all CVEs affecting Wcn6750 Firmware →

Wcn6850 Firmware by Qualcomm

View all CVEs affecting Wcn6850 Firmware →

Wcn6851 Firmware by Qualcomm

View all CVEs affecting Wcn6851 Firmware →

Wcn6855 Firmware by Qualcomm

View all CVEs affecting Wcn6855 Firmware →

Wcn6856 Firmware by Qualcomm

View all CVEs affecting Wcn6856 Firmware →

Wcn7851 Firmware by Qualcomm

View all CVEs affecting Wcn7851 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data exfiltration, and persistent access to affected systems.

🟠

Likely Case

Information disclosure through memory leaks, potentially exposing sensitive data like encryption keys or credentials.

🟢

If Mitigated

Limited impact with proper network segmentation and certificate validation controls in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires network access to trigger the certificate validation flaw; no public exploit code available as per advisory

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to device manufacturer firmware updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply manufacturer-provided firmware patches. 3. Reboot device after patch installation. 4. Verify patch application through version checks.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected devices from untrusted networks to reduce attack surface

Certificate Pinning

all

Implement certificate pinning in applications to enforce specific certificate validation

🧯 If You Can't Patch

• Implement strict network access controls and firewall rules
• Monitor for anomalous network traffic patterns and certificate validation failures

🔍 How to Verify

Check if Vulnerable:

Copy

Check device firmware version against manufacturer security bulletins; examine Qualcomm chipset model and firmware version

Check Version:

Copy

Device-specific commands vary by manufacturer; typically 'cat /proc/version' or manufacturer-specific firmware check utilities

Verify Fix Applied:

Copy

Verify firmware version has been updated to manufacturer-recommended secure version

📡 Detection & Monitoring

Log Indicators:

• SSL/TLS handshake failures
• Certificate validation errors
• Memory access violation logs

Network Indicators:

• Unusual certificate chain presentations
• Abnormal IKE negotiation patterns

SIEM Query:

Copy

Search for SSL/TLS errors or certificate validation failures from Snapdragon-based devices

📊 Metadata

CVE ID: CVE-2021-35083

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWE: CWE-125

Published: June 14, 2022

Last Updated: November 21, 2024

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-35083, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)

CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)

CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)