CVE-2025-27030

Summary

information disclosure while invoking calibration data from user space to update firmware size.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonC-V2X 9150affected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6584AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA9367affected
Qualcomm, Inc.SnapdragonQCA9377affected
Qualcomm, Inc.SnapdragonQCN9074affected
Qualcomm, Inc.SnapdragonQCS410affected
Qualcomm, Inc.SnapdragonQCS610affected
Qualcomm, Inc.SnapdragonQSM8250affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC1 Platformaffected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSA8530Paffected
Qualcomm, Inc.SnapdragonSA8540Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected
Qualcomm, Inc.SnapdragonSDX55affected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RFaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RF Gen 2affected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3680Baffected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References