8.8

CVE-2025-27060

Memory corruption while performing SCM call with malformed inputs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommIpq5010 Firmware Version-
   QualcommIpq5010 Version-
QualcommIpq5028 Firmware Version-
   QualcommIpq5028 Version-
QualcommQcn6023 Firmware Version-
   QualcommQcn6023 Version-
QualcommQcn6024 Firmware Version-
   QualcommQcn6024 Version-
QualcommQcn6100 Firmware Version-
   QualcommQcn6100 Version-
QualcommQcn6102 Firmware Version-
   QualcommQcn6102 Version-
QualcommQcn6112 Firmware Version-
   QualcommQcn6112 Version-
QualcommQcn6122 Firmware Version-
   QualcommQcn6122 Version-
QualcommQcn6132 Firmware Version-
   QualcommQcn6132 Version-
QualcommQcn9000 Firmware Version-
   QualcommQcn9000 Version-
QualcommQcn9001 Firmware Version-
   QualcommQcn9001 Version-
QualcommQcn9002 Firmware Version-
   QualcommQcn9002 Version-
QualcommQcn9003 Firmware Version-
   QualcommQcn9003 Version-
QualcommQcn9012 Firmware Version-
   QualcommQcn9012 Version-
QualcommQcn9022 Firmware Version-
   QualcommQcn9022 Version-
QualcommQcn9024 Firmware Version-
   QualcommQcn9024 Version-
QualcommQcn9070 Firmware Version-
   QualcommQcn9070 Version-
QualcommQcn9072 Firmware Version-
   QualcommQcn9072 Version-
QualcommQcn9074 Firmware Version-
   QualcommQcn9074 Version-
QualcommQcn9100 Firmware Version-
   QualcommQcn9100 Version-
QualcommQcn9274 Firmware Version-
   QualcommQcn9274 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.02
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
product-security@qualcomm.com 8.8 2 6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE-822 Untrusted Pointer Dereference

The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.