CVE-2025-27033

Summary

Information disclosure while running video usecase having rogue firmware.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonQCM5430affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCS5430affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQCM8550affected
Qualcomm, Inc.SnapdragonQCS8550affected
Qualcomm, Inc.SnapdragonQCS615affected
Qualcomm, Inc.SnapdragonQCS9100affected
Qualcomm, Inc.SnapdragonSM6650affected
Qualcomm, Inc.SnapdragonSM7635affected
Qualcomm, Inc.SnapdragonSM8650affected
Qualcomm, Inc.SnapdragonSM8650Paffected
Qualcomm, Inc.SnapdragonSM8650Qaffected
Qualcomm, Inc.SnapdragonSM7675affected
Qualcomm, Inc.SnapdragonSM7675Paffected
Qualcomm, Inc.SnapdragonSM8635affected
Qualcomm, Inc.SnapdragonSM8635Paffected
Qualcomm, Inc.SnapdragonSM8750affected
Qualcomm, Inc.SnapdragonSM8750Paffected
Qualcomm, Inc.SnapdragonSXR2330Paffected
Qualcomm, Inc.SnapdragonWCN6750affected
Qualcomm, Inc.SnapdragonWCN6856affected
Qualcomm, Inc.SnapdragonQCN9274affected
Qualcomm, Inc.SnapdragonWCN7851affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonWCN6650affected
Qualcomm, Inc.SnapdragonWCN6755affected
Qualcomm, Inc.SnapdragonWCN7850affected
Qualcomm, Inc.SnapdragonWCN7880affected
Qualcomm, Inc.SnapdragonWCN7860affected
Qualcomm, Inc.SnapdragonWCN7861affected
Qualcomm, Inc.SnapdragonWCN7881affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References