Improper Input Validation

CVE-2021-1965

High

9.8/10

Summary

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-20 - Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

Advisory Timeline

Published Jul 13, 2021

Improper Input Validation

CVE-2021-1965

Summary

CWE-20 - Improper Input Validation

References

Advisory Timeline

JetBrains IDE

ChainJacking

KICS SaaS