Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2021
CVE-2021-25480
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
CVSS Score
4.4
EPSS Score
0.003
Published
2021-10-06
CVE-2021-25481
An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.
CVSS Score
6.4
EPSS Score
0.0
Published
2021-10-06
CVE-2021-25482
SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.
CVSS Score
5.9
EPSS Score
0.0
Published
2021-10-06
CVE-2021-25483
Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-10-06
CVE-2021-25484
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-10-06
CVE-2021-25485
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-10-06
CVE-2021-25486
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.
CVSS Score
2.5
EPSS Score
0.0
Published
2021-10-06
CVE-2021-25487
Known exploited
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
CVSS Score
7.3
EPSS Score
0.009
Published
2021-10-06
CVE-2021-25488
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-10-06
CVE-2021-25489
Known exploited
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
CVSS Score
3.3
EPSS Score
0.003
Published
2021-10-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved