CVE-2026-21383

Published Jul 6, 2026

Last updated 2 days ago

Overview

Description
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
Source
product-security@qualcomm.com
NVD status
Analyzed
Products
fastconnect_6900_firmware, fastconnect_7800_firmware, lemans_au_lgit_firmware, lemansau_firmware, pandeiro_firmware, qam8255p_firmware, qam8397p_firmware, qam8797p_firmware, qamsrv1h_firmware, qamsrv1m_firmware, qca6595au_firmware, qca6696_firmware, qca6698aq_firmware, qca6797aq_firmware, qca8695au_firmware, qdu1000_firmware, qdu1110_firmware, qdu1210_firmware, qdx1010_firmware, qdx1011_firmware, qln1083bd_firmware, qln1086bd_firmware, qpa1083bd_firmware, qpa1086bd_firmware, qualcomm_dragonwing_x100_accelerator_card_firmware, qxm1093_firmware, qxm1094_firmware, qxm1095_firmware, qxm1096_firmware, sa7255p_firmware, sa7775p_firmware, sa8255p_firmware, sa8620p_firmware, sa8770p_firmware, sa9000p_firmware, sar1165p_firmware, sar2130p_firmware, snapdragon_ar1_gen_1_platform_firmware, snapdragon_ar1\+_gen_1_platform_firmware, srv1h_firmware, srv1m_firmware, sxr2230p_firmware, sxr2250p_firmware, wcd9380_firmware, wcd9385_firmware, wcn3950_firmware, wcn7860_firmware, wcn7861_firmware, wsa8830_firmware, wsa8832_firmware, wsa8835_firmware, xrv7209_firmware, xrv9209_firmware

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.1
Impact score
5.2
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity
HIGH

Weaknesses

product-security@qualcomm.com
CWE-323

Social media

Hype score
Not currently trending

Configurations