NVD disclosure day
CVE-2021-31755
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A stack buffer overflow vulnerability in Tenda AC11 devices allows for arbitrary code execution via a crafted network request. This could lead to a compromise of affected systems, posing a business risk. The vulnerability is listed on the CISA Known Exploited Vulnerabilities catalog.
CVE-2021-1906
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in certain Qualcomm chipsets can cause GPU address allocation failure, potentially impacting operations. This issue may lead to a denial-of-service condition, affecting system availability and business risk. Organizations should consult vendor advisories for mitigation guidance.
CVE-2021-1905
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
Qualcomm chipsets are affected by a memory handling vulnerability. This flaw could allow attackers to impact system integrity and confidentiality on affected devices. The business risk is contained as exploitation requires local access to the device.