CVE-2025-21439 (GCVE-0-2025-21439)
Vulnerability from cvelistv5 – Published: 2025-04-07 10:16 – Updated: 2025-04-08 03:55
VLAI?
Summary
Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
FastConnect 6700
Affected: FastConnect 6900 Affected: QCA6595AU Affected: QCM5430 Affected: QCM6490 Affected: QCN7605 Affected: QCN7606 Affected: QCS5430 Affected: QCS6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8180X+SDX55 Affected: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Affected: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Affected: WCD9370 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T03:55:59.260Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Consumer Electronics Connectivity",
"Snapdragon Industrial IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN7605"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCS5430"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8180X+SDX55"
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T10:16:07.416Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"
}
],
"title": "Out-of-bounds Read in Windows WLAN Host"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-21439",
"datePublished": "2025-04-07T10:16:07.416Z",
"dateReserved": "2024-12-18T09:50:08.921Z",
"dateUpdated": "2025-04-08T03:55:59.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-21439\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2025-04-07T11:15:52.457\",\"lastModified\":\"2025-10-06T19:53:10.207\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.\"},{\"lang\":\"es\",\"value\":\"Puede ocurrir corrupci\u00f3n en la memoria al leer datos de la placa a trav\u00e9s de la llamada IOCTL cuando el controlador WLAN copia el contenido al b\u00fafer de salida provisto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B82E87-F3F4-466F-A76B-C8809121FF6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"419A132E-E42C-4395-B74B-788A39DF1D13\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E670F500-9B71-4BBE-B5DA-221D35803C89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"288F637F-22F8-47CF-B67F-C798A730A1BD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0996EA3-1C92-4933-BE34-9CF625E59FE7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99AA0291-B822-4CAD-BA17-81B632FC3FEF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C9D1966-30F0-414D-BE75-0A14B12A1457\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F466A5BD-1912-4811-9A93-81555F101D46\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92914E-16F6-4A25-9FEF-FB7CB3377132\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6926498-667C-4866-B3DD-A7E20B8F4D7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEFEBC7A-80C0-4E4F-B9C7-53EECF86B6B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"403AE561-6C9E-49F3-A5D6-C48DDD51D663\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC140F-FC5E-4C88-B777-7F5EBF49A695\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD4946C6-778F-4542-AB77-C9B86AF25C05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1D604A-4530-42B3-80A0-58A82D658DDD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sc8180x\\\\+sdx55_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C751ABFE-3B9B-472B-A10C-277270790D95\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sc8180x\\\\+sdx55:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C819454D-D413-478A-B78D-CFF6994803A1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_\\\\(sc8180x-ad\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D13A888A-1BAF-4347-A866-A516BDDCDCDB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform_\\\\(sc8180x-ad\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A2D698-91EB-4439-93E0-F22801111140\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_\\\\(sc8180xp-ad\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E81ADBDE-BC6C-4FA2-B33F-553A8E42BB9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform_\\\\(sc8180xp-ad\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7A79274-E042-47F0-82C1-F3FFEF0BC058\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180x-aa\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AEC14A6-AD24-4D0F-8E33-86F4D9BBDCB4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180x-aa\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E54ADD0-8A02-4965-84B0-1A7ED7E1AAED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180x-ab\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D584C724-6EE1-499D-B1E1-B7FCCA86D5C0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180x-ab\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"282E6609-6753-4285-A55B-E3B2DDB8EC09\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180xp-ac\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA5AA9A-6457-4589-B381-4B482BCB19E2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180xp-ac\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEBE0657-D50B-4E07-92CF-142B0C7F380A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180xp-af\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"982256D5-C258-421D-8783-32A35FA3948F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform_\\\\(sc8180xp-af\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56246FAC-7EBB-46C8-B2D9-375C113696A8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180x-ac\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21D67169-6D6F-4F5A-94E2-323D4B636200\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180x-ac\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A45B6A8F-60A7-4149-B2C5-F0E05D36D352\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180x-af\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"335F16FD-03A6-4E6F-8BCE-AF8DE1EA8648\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180x-af\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6991A03D-5317-4B30-847A-9DFE918ACECE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180xp-aa\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5928B976-89F9-4AF8-B025-4A02C60BB6B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180xp-aa\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7772FCC-2C4E-4BFA-A47E-A48277E76F7A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180xp-ab\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBF22021-25DC-460A-89D4-09F6F17906F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\\(sc8180xp-ab\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"625CDF5C-CB97-4F53-A21F-19D512AF97D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1295D869-F4DD-4766-B4AA-3513752F43B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98784DC-3143-4D38-AD28-DBBDCCAB4272\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34143ABA-7D09-429F-A65C-3A33438BF62C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70292B01-617F-44AD-AF77-1AFC1450523D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA94C6D6-85DB-4031-AAF4-C399019AE16D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92B17201-8185-47F1-9720-5AB4ECD11B22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1FA2EB9-416F-4D69-8786-386CC73978AE\"}]}]}],\"references\":[{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21439\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-07T15:37:46.007868Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-07T15:37:54.052Z\"}}], \"cna\": {\"title\": \"Out-of-bounds Read in Windows WLAN Host\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qualcomm, Inc.\", \"product\": \"Snapdragon\", \"versions\": [{\"status\": \"affected\", \"version\": \"FastConnect 6700\"}, {\"status\": \"affected\", \"version\": \"FastConnect 6900\"}, {\"status\": \"affected\", \"version\": \"QCA6595AU\"}, {\"status\": \"affected\", \"version\": \"QCM5430\"}, {\"status\": \"affected\", \"version\": \"QCM6490\"}, {\"status\": \"affected\", \"version\": \"QCN7605\"}, {\"status\": \"affected\", \"version\": \"QCN7606\"}, {\"status\": \"affected\", \"version\": \"QCS5430\"}, {\"status\": \"affected\", \"version\": \"QCS6490\"}, {\"status\": \"affected\", \"version\": \"Qualcomm Video Collaboration VC3 Platform\"}, {\"status\": \"affected\", \"version\": \"SC8180X+SDX55\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8c Compute Platform (SC8180X-AD) \\\"Poipu Lite\\\"\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8c Compute Platform (SC8180XP-AD) \\\"Poipu Lite\\\"\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8cx Compute Platform (SC8180X-AA, AB)\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \\\"Poipu Pro\\\"\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \\\"Poipu Pro\\\"\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)\"}, {\"status\": \"affected\", \"version\": \"WCD9370\"}, {\"status\": \"affected\", \"version\": \"WCD9375\"}, {\"status\": \"affected\", \"version\": \"WCD9380\"}, {\"status\": \"affected\", \"version\": \"WCD9385\"}], \"platforms\": [\"Snapdragon Compute\", \"Snapdragon Consumer Electronics Connectivity\", \"Snapdragon Industrial IOT\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2025-04-07T10:16:07.416Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-21439\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-07T15:38:00.855Z\", \"dateReserved\": \"2024-12-18T09:50:08.921Z\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"datePublished\": \"2025-04-07T10:16:07.416Z\", \"assignerShortName\": \"qualcomm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…