CVE-2026-21371
Published: 06 April 2026
Summary
CVE-2026-21371 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Aqt1000 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Implements memory protection mechanisms that directly prevent exploitation of buffer over-read vulnerabilities like CVE-2026-21371 caused by insufficient output buffer size validation.
Requires identification, reporting, and timely remediation of flaws such as CVE-2026-21371 through patches provided in Qualcomm's security bulletin.
Enforces validation of input parameters, including buffer sizes, to mitigate memory corruption from insufficient size checks in output buffer retrieval.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local memory corruption (buffer over-read) with low privileges directly enables exploitation for privilege escalation and arbitrary code execution on affected Qualcomm components.
NVD Description
Memory Corruption when retrieving output buffer with insufficient size validation.
Deeper analysisAI
CVE-2026-21371 is a memory corruption vulnerability stemming from insufficient size validation when retrieving an output buffer, classified under CWE-126 (Buffer Over-read). It affects components in Qualcomm products, as detailed in the vendor's security bulletin. The issue carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity with local attack vector, low attack complexity, and low privileges required.
A local attacker with low-level privileges can exploit this vulnerability without user interaction. Successful exploitation enables high-impact outcomes, including unauthorized access to sensitive data (confidentiality), modification of system resources (integrity), and denial of service or system crashes (availability), potentially leading to arbitrary code execution or privilege escalation within the affected Qualcomm components.
Qualcomm has published a security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html, which provides details on the vulnerability and associated patches or mitigations for affected products. Security practitioners should consult this advisory for specific remediation steps.
Details
- CWE(s)