6.1
CVE-2025-21457
- EPSS 0.01%
- Veröffentlicht 06.08.2025 07:25:50
- Zuletzt bearbeitet 19.08.2025 13:21:46
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Information disclosure while opening a fastrpc session when domain is not sanitized.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Ar8035 Firmware Version-
Qualcomm ≫ Fastconnect 7800 Firmware Version-
Qualcomm ≫ Qca6584au Firmware Version-
Qualcomm ≫ Qca6698aq Firmware Version-
Qualcomm ≫ Qca8081 Firmware Version-
Qualcomm ≫ Qca8337 Firmware Version-
Qualcomm ≫ Qcc710 Firmware Version-
Qualcomm ≫ Qcn6224 Firmware Version-
Qualcomm ≫ Qcn6274 Firmware Version-
Qualcomm ≫ Qfw7114 Firmware Version-
Qualcomm ≫ Qfw7124 Firmware Version-
Qualcomm ≫ Wcd9340 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.014 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| product-security@qualcomm.com | 6.1 | 1.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
|
CWE-126 Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.