Vulnerabilities ›

CVE-2026-21378

High

CWE-126 — Weakness Type

                    Published: Apr 6, 2026                      ·  Modified: Apr 13, 2026                      ·  Source: NVD                

CVSS v3

7.8

🔗 NVD Official

📄 Description (English)

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

🤖 AI Executive Summary

CVE-2026-21378 is a high-severity memory corruption vulnerability (CVSS 7.8) in Qualcomm camera sensor drivers affecting multiple FastConnect and SoC firmware versions. The vulnerability stems from improper buffer size validation during IOCTL processing, potentially allowing local attackers to cause denial of service or execute arbitrary code. No patch is currently available, requiring immediate compensating controls and firmware monitoring.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 28, 2026 22:03

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily impacts Saudi telecommunications sector (STC, Mobily, Zain) devices using Qualcomm FastConnect 6900/7800 chipsets in enterprise WiFi infrastructure and mobile devices. Government entities (NCA, NCSC) managing critical communications networks face elevated risk. Healthcare sector (MOH facilities) utilizing connected medical devices with affected Qualcomm SoCs may experience service disruptions. Energy sector (ARAMCO, SEC) IoT and SCADA systems using these chipsets require immediate assessment. Banking sector (SAMA-regulated institutions) mobile and IoT deployments need urgent inventory review.

🏢 Affected Saudi Sectors

Telecommunications (STC, Mobily, Zain) Government (NCA, NCSC) Healthcare (MOH) Energy (ARAMCO, SEC) Banking (SAMA-regulated institutions) Defense and Security

🎯 MITRE ATT&CK Techniques

T1547 - Boot or Logon Autostart Execution T1548 - Abuse Elevation Control Mechanism T1203 - Exploitation for Client Execution T1499 - Endpoint Denial of Service T1040 - Traffic Capture or Redirection

⚖️ Saudi Risk Score (AI)

7.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Inventory all devices using affected Qualcomm firmware versions (FastConnect 6900/7800, QCA6391/6420/6430, QCM5430/6490, SC8380XP)

2. Restrict local access to affected devices through physical security and access controls

3. Disable IOCTL camera sensor interfaces where operationally feasible

4. Implement network segmentation isolating affected devices from critical systems



COMPENSATING CONTROLS:

5. Deploy SELinux/AppArmor policies restricting unprivileged process access to camera driver IOCTLs

6. Enable kernel address space layout randomization (ASLR) and stack canaries

7. Monitor system logs for abnormal camera driver access patterns and memory errors

8. Implement application whitelisting on affected devices



DETECTION:

9. Monitor for IOCTL calls to camera sensor drivers with oversized buffer parameters

10. Alert on kernel panic/oops messages related to camera driver memory violations

11. Track firmware version compliance across enterprise inventory

12. Establish patch readiness process for when Qualcomm releases fixes



PATCHING STRATEGY:

13. Subscribe to Qualcomm security bulletins for firmware updates

14. Prepare staged deployment plan for firmware updates once available

15. Test updates in isolated lab environment before production deployment

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. حصر جميع الأجهزة التي تستخدم إصدارات البرامج الثابتة المتأثرة من Qualcomm (FastConnect 6900/7800، QCA6391/6420/6430، QCM5430/6490، SC8380XP)

2. تقييد الوصول المحلي للأجهزة المتأثرة من خلال الأمان المادي وضوابط الوصول

3. تعطيل واجهات مستشعر الكاميرا IOCTL حيث يكون ذلك ممكناً من الناحية التشغيلية

4. تنفيذ تقسيم الشبكة لعزل الأجهزة المتأثرة عن الأنظمة الحرجة

الضوابط التعويضية:

5. نشر سياسات SELinux/AppArmor تقيد وصول العمليات غير المميزة إلى IOCTLs برنامج تشغيل الكاميرا

6. تفعيل عشوائية تخطيط مساحة العنوان (ASLR) وحماية المكدس

7. مراقبة سجلات النظام للأنماط غير الطبيعية للوصول إلى برنامج تشغيل الكاميرا وأخطاء الذاكرة

8. تنفيذ قائمة بيضاء للتطبيقات على الأجهزة المتأثرة

الكشف:

9. مراقبة استدعاءات IOCTL لبرامج تشغيل مستشعرات الكاميرا بمعاملات مخزن مؤقت كبيرة الحجم

10. تنبيه رسائل kernel panic/oops المتعلقة بانتهاكات ذاكرة برنامج تشغيل الكاميرا

11. تتبع توافق إصدار البرامج الثابتة عبر المخزون الموزع

12. إنشاء عملية جاهزية التصحيح لعندما تصدر Qualcomm التحديثات

استراتيجية التصحيح:

13. الاشتراك في نشرات أمان Qualcomm لتحديثات البرامج الثابتة

14. تحضير خطة نشر مرحلية لتحديثات البرامج الثابتة عند توفرها

15. اختبار التحديثات في بيئة معملية معزولة قبل النشر الإنتاجي

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.14.2.1 - Secure development policy ECC 2024 A.12.2.1 - Monitoring and logging of access to information

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.PT-2 - System and communications protection DE.CM-1 - Detection and analysis of anomalies

🟡 ISO 27001:2022

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy and procedures A.12.2.1 - User access management A.8.1.1 - Screening of personnel

🟣 PCI DSS v4.0.1

Requirement 6.2 - Security patches and updates Requirement 11.2 - Vulnerability scanning

🔗 References & Sources 1

🔗

https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin....

product-security@qualcomm.com

Vendor Advisory

📦 Affected Products / CPE 50 entries

qualcomm:fastconnect_6900_firmware:-

qualcomm:fastconnect_7800_firmware:-

qualcomm:qca0000_firmware:-

qualcomm:qca6391_firmware:-

qualcomm:qca6420_firmware:-

qualcomm:qca6430_firmware:-

qualcomm:qcm5430_firmware:-

qualcomm:qcm6490_firmware:-

qualcomm:video_collaboration_vc3_platform_firmware:-

qualcomm:sc8380xp_firmware:-

qualcomm:sm6250_firmware:-

qualcomm:snapdragon_460_mobile_platform_firmware:-

qualcomm:snapdragon_662_mobile_platform_firmware:-

qualcomm:snapdragon_7c_compute_platform_firmware:-

qualcomm:snapdragon_7c_gen_2_compute_platform_firmware:-

qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-

qualcomm:snapdragon_8c_compute_platform_firmware:-

qualcomm:snapdragon_8cx_compute_platform_firmware:-

qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-

qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-

qualcomm:snapdragon_ar1_gen_1_platform_firmware:-

qualcomm:wcd9340_firmware:-

qualcomm:wcd9341_firmware:-

qualcomm:wcd9370_firmware:-

qualcomm:wcd9375_firmware:-

qualcomm:wcd9378c_firmware:-

qualcomm:wcd9380_firmware:-

qualcomm:wcd9385_firmware:-

qualcomm:wcn3950_firmware:-

qualcomm:wcn3988_firmware:-

qualcomm:wsa8810_firmware:-

qualcomm:wsa8815_firmware:-

qualcomm:wsa8830_firmware:-

qualcomm:wsa8832_firmware:-

qualcomm:wsa8835_firmware:-

qualcomm:wsa8840_firmware:-

qualcomm:wsa8845_firmware:-

qualcomm:wsa8845h_firmware:-

qualcomm:x2000077_firmware:-

qualcomm:x2000086_firmware:-

qualcomm:aqt1000_firmware:-

qualcomm:cologne_firmware:-

qualcomm:fastconnect_6200_firmware:-

qualcomm:fastconnect_6700_firmware:-

qualcomm:fastconnect_6800_firmware:-

qualcomm:x2000090_firmware:-

qualcomm:x2000092_firmware:-

qualcomm:x2000094_firmware:-

qualcomm:xg101002_firmware:-

qualcomm:xg101032_firmware:-

📊 CVSS Score

7.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score7.8

CWECWE-126

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-06

Source Feed nvd

🇸🇦 Saudi Risk Score

7.2

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-126

🏢 Vendor Advisories

🔗 https://docs.qualcomm.com/product/publicresources/se...

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-21378

💬 Comments

Introduce Yourself

Sign In Required