CVE-2025-21476

EPSS 0.01%
Published 24.09.2025 16:15:33
Last modified 25.09.2025 16:08:48
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Qcs6490 Firmware Version-

Qualcomm ≫ Qcs6490 Version-

Qualcomm ≫ Qcs8550 Firmware Version-

Qualcomm ≫ Qcs8550 Version-

Qualcomm ≫ Qcs9100 Firmware Version-

Qualcomm ≫ Qcs9100 Version-

Qualcomm ≫ Sg8275 Firmware Version-

Qualcomm ≫ Sg8275 Version-

Qualcomm ≫ Sg8275p Firmware Version-

Qualcomm ≫ Sg8275p Version-

Qualcomm ≫ Sm6650 Firmware Version-

Qualcomm ≫ Sm6650 Version-

Qualcomm ≫ Sm7635 Firmware Version-

Qualcomm ≫ Sm7635 Version-

Qualcomm ≫ Sm7675 Firmware Version-

Qualcomm ≫ Sm7675 Version-

Qualcomm ≫ Sm7675p Firmware Version-

Qualcomm ≫ Sm7675p Version-

Qualcomm ≫ Sm8550 Firmware Version-

Qualcomm ≫ Sm8550 Version-

Qualcomm ≫ Sm8550p Firmware Version-

Qualcomm ≫ Sm8550p Version-

Qualcomm ≫ Sm8635 Firmware Version-

Qualcomm ≫ Sm8635 Version-

Qualcomm ≫ Sm8635p Firmware Version-

Qualcomm ≫ Sm8635p Version-

Qualcomm ≫ Sm8650 Firmware Version-

Qualcomm ≫ Sm8650 Version-

Qualcomm ≫ Sm8650p Firmware Version-

Qualcomm ≫ Sm8650p Version-

Qualcomm ≫ Sm8650q Firmware Version-

Qualcomm ≫ Sm8650q Version-

Qualcomm ≫ Sm8750 Firmware Version-

Qualcomm ≫ Sm8750 Version-

Qualcomm ≫ Sm8750p Firmware Version-

Qualcomm ≫ Sm8750p Version-

Qualcomm ≫ Sxr2330p Firmware Version-

Qualcomm ≫ Sxr2330p Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6698aq Firmware Version-

Qualcomm ≫ Qca6698aq Version-

Qualcomm ≫ Qcn9011 Firmware Version-

Qualcomm ≫ Qcn9011 Version-

Qualcomm ≫ Qcn9012 Firmware Version-

Qualcomm ≫ Qcn9012 Version-

Qualcomm ≫ Qcn9274 Firmware Version-

Qualcomm ≫ Qcn9274 Version-

Qualcomm ≫ Wcn3910 Firmware Version-

Qualcomm ≫ Wcn3910 Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn6650 Firmware Version-

Qualcomm ≫ Wcn6650 Version-

Qualcomm ≫ Wcn6750 Firmware Version-

Qualcomm ≫ Wcn6750 Version-

Qualcomm ≫ Wcn6755 Firmware Version-

Qualcomm ≫ Wcn6755 Version-

Qualcomm ≫ Wcn6855 Firmware Version-

Qualcomm ≫ Wcn6855 Version-

Qualcomm ≫ Wcn6856 Firmware Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wcn7850 Firmware Version-

Qualcomm ≫ Wcn7850 Version-

Qualcomm ≫ Wcn7851 Firmware Version-

Qualcomm ≫ Wcn7851 Version-

Qualcomm ≫ Wcn7860 Firmware Version-

Qualcomm ≫ Wcn7860 Version-

Qualcomm ≫ Wcn7861 Firmware Version-

Qualcomm ≫ Wcn7861 Version-

Qualcomm ≫ Wcn7880 Firmware Version-

Qualcomm ≫ Wcn7880 Version-

Qualcomm ≫ Wcn7881 Firmware Version-

Qualcomm ≫ Wcn7881 Version-

Qualcomm ≫ Qcm5430 Firmware Version-

Qualcomm ≫ Qcm5430 Version-

Qualcomm ≫ Qcm6490 Firmware Version-

Qualcomm ≫ Qcm6490 Version-

Qualcomm ≫ Qcm8550 Firmware Version-

Qualcomm ≫ Qcm8550 Version-

Qualcomm ≫ Qcs5430 Firmware Version-

Qualcomm ≫ Qcs5430 Version-

Qualcomm ≫ Qcs615 Firmware Version-

Qualcomm ≫ Qcs615 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.014

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-21476

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-21476

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-21476

EUVD