Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2026-21383


Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.


Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.1, requiring local system access to exploit with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), for affected systems. Impacting 106 products from qualcomm, from qualcomm, from qualcomm and 103 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2026, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.


Published

2026-07-06T21:16:53.973

Last Modified

2026-07-08T05:16:27.107

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-323

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System qualcomm fastconnect_6900_firmware - Yes
Hardware qualcomm fastconnect_6900 - No
Operating System qualcomm fastconnect_7800_firmware - Yes
Hardware qualcomm fastconnect_7800 - No
Operating System qualcomm lemans_au_lgit_firmware - Yes
Hardware qualcomm lemans_au_lgit - No
Operating System qualcomm lemansau_firmware - Yes
Hardware qualcomm lemansau - No
Operating System qualcomm pandeiro_firmware - Yes
Hardware qualcomm pandeiro - No
Operating System qualcomm qam8255p_firmware - Yes
Hardware qualcomm qam8255p - No
Operating System qualcomm qam8397p_firmware - Yes
Hardware qualcomm qam8397p - No
Operating System qualcomm qam8797p_firmware - Yes
Hardware qualcomm qam8797p - No
Operating System qualcomm qamsrv1h_firmware - Yes
Hardware qualcomm qamsrv1h - No
Operating System qualcomm qamsrv1m_firmware - Yes
Hardware qualcomm qamsrv1m - No
Operating System qualcomm qca6595au_firmware - Yes
Hardware qualcomm qca6595au - No
Operating System qualcomm qca6696_firmware - Yes
Hardware qualcomm qca6696 - No
Operating System qualcomm qca6698aq_firmware - Yes
Hardware qualcomm qca6698aq - No
Operating System qualcomm qca6797aq_firmware - Yes
Hardware qualcomm qca6797aq - No
Operating System qualcomm qca8695au_firmware - Yes
Hardware qualcomm qca8695au - No
Operating System qualcomm qdu1000_firmware - Yes
Hardware qualcomm qdu1000 - No
Operating System qualcomm qdu1110_firmware - Yes
Hardware qualcomm qdu1110 - No
Operating System qualcomm qdu1210_firmware - Yes
Hardware qualcomm qdu1210 - No
Operating System qualcomm qdx1010_firmware - Yes
Hardware qualcomm qdx1010 - No
Operating System qualcomm qdx1011_firmware - Yes
Hardware qualcomm qdx1011 - No
Operating System qualcomm qln1083bd_firmware - Yes
Hardware qualcomm qln1083bd - No
Operating System qualcomm qln1086bd_firmware - Yes
Hardware qualcomm qln1086bd - No
Operating System qualcomm qpa1083bd_firmware - Yes
Hardware qualcomm qpa1083bd - No
Operating System qualcomm qpa1086bd_firmware - Yes
Hardware qualcomm qpa1086bd - No
Operating System qualcomm qualcomm_dragonwing_x100_accelerator_card_firmware - Yes
Hardware qualcomm qualcomm_dragonwing_x100_accelerator_card - No
Operating System qualcomm qxm1093_firmware - Yes
Hardware qualcomm qxm1093 - No
Operating System qualcomm qxm1094_firmware - Yes
Hardware qualcomm qxm1094 - No
Operating System qualcomm qxm1095_firmware - Yes
Hardware qualcomm qxm1095 - No
Operating System qualcomm qxm1096_firmware - Yes
Hardware qualcomm qxm1096 - No
Operating System qualcomm sa7255p_firmware - Yes
Hardware qualcomm sa7255p - No
Operating System qualcomm sa7775p_firmware - Yes
Hardware qualcomm sa7775p - No
Operating System qualcomm sa8255p_firmware - Yes
Hardware qualcomm sa8255p - No
Operating System qualcomm sa8620p_firmware - Yes
Hardware qualcomm sa8620p - No
Operating System qualcomm sa8770p_firmware - Yes
Hardware qualcomm sa8770p - No
Operating System qualcomm sa9000p_firmware - Yes
Hardware qualcomm sa9000p - No
Operating System qualcomm sar1165p_firmware - Yes
Hardware qualcomm sar1165p - No
Operating System qualcomm sar2130p_firmware - Yes
Hardware qualcomm sar2130p - No
Operating System qualcomm snapdragon_ar1_gen_1_platform_firmware - Yes
Hardware qualcomm snapdragon_ar1_gen_1_platform - No
Operating System qualcomm snapdragon_ar1\+_gen_1_platform_firmware - Yes
Hardware qualcomm snapdragon_ar1\+_gen_1_platform - No
Operating System qualcomm srv1h_firmware - Yes
Hardware qualcomm srv1h - No
Operating System qualcomm srv1m_firmware - Yes
Hardware qualcomm srv1m - No
Operating System qualcomm sxr2230p_firmware - Yes
Hardware qualcomm sxr2230p - No
Operating System qualcomm sxr2250p_firmware - Yes
Hardware qualcomm sxr2250p - No
Operating System qualcomm wcd9380_firmware - Yes
Hardware qualcomm wcd9380 - No
Operating System qualcomm wcd9385_firmware - Yes
Hardware qualcomm wcd9385 - No
Operating System qualcomm wcn3950_firmware - Yes
Hardware qualcomm wcn3950 - No
Operating System qualcomm wcn7860_firmware - Yes
Hardware qualcomm wcn7860 - No
Operating System qualcomm wcn7861_firmware - Yes
Hardware qualcomm wcn7861 - No
Operating System qualcomm wsa8830_firmware - Yes
Hardware qualcomm wsa8830 - No
Operating System qualcomm wsa8832_firmware - Yes
Hardware qualcomm wsa8832 - No
Operating System qualcomm wsa8835_firmware - Yes
Hardware qualcomm wsa8835 - No
Operating System qualcomm xrv7209_firmware - Yes
Hardware qualcomm xrv7209 - No
Operating System qualcomm xrv9209_firmware - Yes
Hardware qualcomm xrv9209 - No

References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For qualcomm's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.