Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Conclusion & alert: CVE-2021-1894 is rated Low Risk (30.3/100): CVSS High severity, with low exploitation likelihood (EPSS 0.15%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.03% | 0.15% | +0.12% |
| 2 | 2025-07-08 | 0.07% | 0.03% | -0.03% |
| 3 | 2025-03-17 | — | 0.07% | — |
Full EPSS history (6 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.1 | 3.1 | HIGH |
|
1.8 | 5.2 | [email protected] |
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 7.2 | 2.0 | HIGH |
|
3.9 | 10.0 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | ar8031_firmware | — | cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8035_firmware | — | cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6620_firmware | — | cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6640_firmware | — | cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csrb31024_firmware | — | cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fsm10055_firmware | — | cpe:2.3:o:qualcomm:fsm10055_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fsm10056_firmware | — | cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9150_firmware | — | cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9205_firmware | — | cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9628_firmware | — | cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca4004_firmware | — | cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6174a_firmware | — | cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6390_firmware | — | cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6391_firmware | — | cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6426_firmware | — | cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6436_firmware | — | cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564_firmware | — | cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564a_firmware | — | cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564au_firmware | — | cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574_firmware | — | cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574a_firmware | — | cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574au_firmware | — | cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595au_firmware | — | cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6696_firmware | — | cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8081_firmware | — | cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8337_firmware | — | cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9367_firmware | — | cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9377_firmware | — | cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9984_firmware | — | cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm2290_firmware | — | cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm4290_firmware | — | cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm6490_firmware | — | cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs2290_firmware | — | cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs405_firmware | — | cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs410_firmware | — | cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs4290_firmware | — | cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs610_firmware | — | cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs6490_firmware | — | cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs8155_firmware | — | cpe:2.3:o:qualcomm:qcs8155_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcx315_firmware | — | cpe:2.3:o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qrb5165_firmware | — | cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qrb5165n_firmware | — | cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qsm8250_firmware | — | cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa415m_firmware | — | cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa515m_firmware | — | cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6145p_firmware | — | cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6150p_firmware | — | cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6155_firmware | — | cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6155p_firmware | — | cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8145p_firmware | — | cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8150p_firmware | — | cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8155_firmware | — | cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8155p_firmware | — | cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8195p_firmware | — | cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8540p_firmware | — | cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa9000p_firmware | — | cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sc8280xp_firmware | — | cpe:2.3:o:qualcomm:sc8280xp_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd_675_firmware | — | cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd_8cx_firmware | — | cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd460_firmware | — | cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd480_firmware | — | cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd662_firmware | — | cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd665_firmware | — | cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd675_firmware | — | cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd678_firmware | — | cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd690_5g_firmware | — | cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd720g_firmware | — | cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd730_firmware | — | cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd750g_firmware | — | cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd765_firmware | — | cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd765g_firmware | — | cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd768g_firmware | — | cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd778g_firmware | — | cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd780g_firmware | — | cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd7c_firmware | — | cpe:2.3:o:qualcomm:sd7c_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd850_firmware | — | cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd865_5g_firmware | — | cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd870_firmware | — | cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd888_firmware | — | cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd888_5g_firmware | — | cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin | Vendor Advisory |