FKIE_CVE-2025-59601

Vulnerability from fkie_nvd - Published: 2026-06-01 23:16 - Updated: 2026-06-02 18:00
Severity
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
References
product-security@qualcomm.comhttps://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.htmlVendor Advisory
Impacted products
Vendor Product Version
qualcomm fastconnect_7800_firmware -
qualcomm fastconnect_7800 -
qualcomm qca7005_firmware -
qualcomm qca7005 -
qualcomm snapdragon_ar1_gen_1_platform_firmware -
qualcomm snapdragon_ar1_gen_1_platform -
qualcomm wcd9380_firmware -
qualcomm wcd9380 -
qualcomm wcd9385_firmware -
qualcomm wcd9385 -
qualcomm wsa8830_firmware -
qualcomm wsa8830 -
qualcomm wsa8832_firmware -
qualcomm wsa8832 -
qualcomm wsa8835_firmware -
qualcomm wsa8835 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca7005_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF4F63F-EB75-4795-B679-5369A543451A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca7005:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "411A4F25-B701-4EFB-A2D1-ED9EC7FBF79E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB2408F-C768-4DD2-B834-B62E188D6CC2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration."
    }
  ],
  "id": "CVE-2025-59601",
  "lastModified": "2026-06-02T18:00:59.050",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "product-security@qualcomm.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-06-01T23:16:15.477",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1230"
        }
      ],
      "source": "product-security@qualcomm.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.