الثغرات ›

CVE-2026-21375

مرتفع

CWE-126 — نوع الضعف

                    نُشر: Apr 6, 2026                      ·  آخر تحديث: Apr 13, 2026                      ·  المصدر: NVD                

CVSS v3

7.8

🔗 NVD الرسمي

📄 الوصف (الإنجليزية)

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.

🤖 ملخص AI

CVE-2026-21375 is a high-severity memory corruption vulnerability in Qualcomm wireless and mobile platform firmware affecting IOCTL buffer handling. The vulnerability allows unauthenticated local attackers to trigger out-of-bounds memory access without proper buffer size validation, potentially leading to denial of service or privilege escalation. With no patch currently available and widespread deployment across Saudi telecommunications and enterprise infrastructure, immediate compensating controls are critical.

📄 الوصف (العربية)

🤖 التحليل الذكي آخر تحليل: Apr 28, 2026 22:01

🇸🇦 التأثير على المملكة العربية السعودية

This vulnerability poses significant risk to Saudi telecommunications sector (STC, Mobily, Zain) as Qualcomm FastConnect and Snapdragon platforms are extensively deployed in enterprise devices, smartphones, and IoT infrastructure. Banking sector (SAMA-regulated institutions) faces risk through compromised mobile banking devices and enterprise endpoints. Government agencies and critical infrastructure operators using Qualcomm-based wireless equipment are vulnerable to privilege escalation attacks. Healthcare sector (MOH facilities) relying on connected medical devices with affected chipsets faces operational disruption risks. Energy sector (ARAMCO, utilities) using industrial IoT with Qualcomm components requires immediate assessment.

🏢 القطاعات السعودية المتأثرة

Telecommunications (STC, Mobily, Zain) Banking and Financial Services (SAMA-regulated) Government and Public Administration Healthcare (MOH facilities) Energy and Utilities (ARAMCO, regional operators) Enterprise IT and Corporate Networks IoT and Connected Devices

🎯 تقنيات MITRE ATT&CK

T1548.004 - Abuse Elevation Control Mechanism: Elevated Execution with Prompt T1055 - Process Injection T1499.004 - Application or System Exploitation T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

⚖️ درجة المخاطر السعودية (AI)

7.8

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Inventory all devices using affected Qualcomm firmware (Cologne, FastConnect 6700/6900/7800, QCA0000, QCM5430/6490, VC3, SC8380XP, Snapdragon 460)

2. Restrict local access to affected devices through network segmentation and access controls

3. Disable IOCTL-based services where operationally feasible

4. Monitor for suspicious IOCTL calls and memory access patterns



COMPENSATING CONTROLS:

5. Implement kernel-level memory protection (SMEP/SMAP on supported platforms)

6. Enable Address Space Layout Randomization (ASLR) on all affected systems

7. Apply SELinux/AppArmor mandatory access controls to restrict IOCTL access

8. Deploy endpoint detection and response (EDR) solutions with memory corruption detection

9. Implement device driver signature verification and code integrity monitoring



DETECTION RULES:

10. Monitor system logs for IOCTL error codes and memory access violations

11. Alert on unexpected kernel panic or system crashes on affected devices

12. Track failed buffer operations and out-of-bounds access attempts

13. Implement IDS signatures for abnormal IOCTL parameter patterns



PATCHING STRATEGY:

14. Contact Qualcomm and device manufacturers for patch timelines

15. Prepare patch deployment procedures for when updates become available

16. Prioritize patching for devices in high-risk environments (banking, government)

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. حصر جميع الأجهزة التي تستخدم برامج Qualcomm الثابتة المتأثرة

2. تقييد الوصول المحلي للأجهزة المتأثرة من خلال تقسيم الشبكة والتحكم في الوصول

3. تعطيل خدمات IOCTL حيث يكون ذلك ممكناً من الناحية التشغيلية

4. مراقبة استدعاءات IOCTL المريبة وأنماط الوصول إلى الذاكرة

الضوابط التعويضية:

5. تنفيذ حماية الذاكرة على مستوى النواة (SMEP/SMAP)

6. تفعيل عشوائية تخطيط مساحة العنوان (ASLR)

7. تطبيق ضوابط الوصول الإلزامية SELinux/AppArmor

8. نشر حلول الكشف والاستجابة للنقاط النهائية (EDR)

9. تنفيذ التحقق من توقيع برنامج التشغيل ومراقبة سلامة الكود

قواعد الكشف:

10. مراقبة سجلات النظام لأخطاء IOCTL وانتهاكات الوصول إلى الذاكرة

11. التنبيه على توقف النواة غير المتوقع أو أعطال النظام

12. تتبع عمليات المخزن المؤقت الفاشلة ومحاولات الوصول خارج الحدود

13. تنفيذ توقيعات IDS لأنماط معاملات IOCTL غير الطبيعية

استراتيجية التصحيح:

14. الاتصال بـ Qualcomm وشركات المصنعين للحصول على جداول زمنية للتصحيحات

15. تحضير إجراءات نشر التصحيحات عند توفر التحديثات

16. أولويات التصحيح للأجهزة في البيئات عالية المخاطر

📋 خريطة الامتثال التنظيمي

🟢 NCA ECC 2024

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy A.12.2.1 - Monitoring of system use A.12.4.1 - Event logging

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.DS-6 - Data security and integrity controls DE.CM-1 - Detection and monitoring of anomalous activity RS.MI-1 - Incident response and mitigation

🟡 ISO 27001:2022

A.12.2.1 - Monitoring of information systems A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development and change management A.12.4.1 - Recording user activities

🟣 PCI DSS v4.0.1

Requirement 6.2 - Security patches and updates Requirement 11.2 - Vulnerability scanning Requirement 12.2 - Configuration standards

🔗 المراجع والمصادر 1

🔗

https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin....

product-security@qualcomm.com

Vendor Advisory

📦 المنتجات المتأثرة 35 منتج

qualcomm:cologne_firmware:-

qualcomm:fastconnect_6700_firmware:-

qualcomm:fastconnect_6900_firmware:-

qualcomm:fastconnect_7800_firmware:-

qualcomm:qca0000_firmware:-

qualcomm:qcm5430_firmware:-

qualcomm:qcm6490_firmware:-

qualcomm:video_collaboration_vc3_platform_firmware:-

qualcomm:sc8380xp_firmware:-

qualcomm:snapdragon_460_mobile_platform_firmware:-

qualcomm:snapdragon_662_mobile_platform_firmware:-

qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-

qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-

qualcomm:snapdragon_ar1_gen_1_platform_firmware:-

qualcomm:wcd9370_firmware:-

qualcomm:wcd9375_firmware:-

qualcomm:wcd9378c_firmware:-

qualcomm:wcd9380_firmware:-

qualcomm:wcd9385_firmware:-

qualcomm:wcn3950_firmware:-

qualcomm:wcn3988_firmware:-

qualcomm:wsa8830_firmware:-

qualcomm:wsa8832_firmware:-

qualcomm:wsa8835_firmware:-

qualcomm:wsa8840_firmware:-

qualcomm:wsa8845_firmware:-

qualcomm:wsa8845h_firmware:-

qualcomm:x2000077_firmware:-

qualcomm:x2000086_firmware:-

qualcomm:x2000090_firmware:-

qualcomm:x2000092_firmware:-

qualcomm:x2000094_firmware:-

qualcomm:xg101002_firmware:-

qualcomm:xg101032_firmware:-

qualcomm:xg101039_firmware:-

📊 CVSS Score

7.8

/ 10.0 — مرتفع

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 حقائق سريعة

الخطورة مرتفع

CVSS Score7.8

CWECWE-126

EPSS0.01%

اختراق متاح لا

تصحيح متاح ✗ لا

تاريخ النشر 2026-04-06

المصدر nvd

المشاهدات 5

🇸🇦 درجة المخاطر السعودية

7.8

/ 10.0 — مخاطر السعودية

أولوية: HIGH

🏷️ الوسوم

CWE-126

🏢 توجيهات البائع

🔗 https://docs.qualcomm.com/product/publicresources/se...

⚡ إجراءات

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 التعليقات

جارٍ التحميل

CVE-2026-21375

💬 التعليقات

عرّفنا بنفسك

تسجيل الدخول مطلوب