CVE-2025-27067

EPSS 0.02%
Veröffentlicht 06.08.2025 07:26:04
Zuletzt bearbeitet 18.08.2025 18:27:40
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption while processing DDI call with invalid buffer.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Wsa8840 Firmware Version-

Qualcomm ≫ Wsa8840 Version-

Qualcomm ≫ Wsa8845 Firmware Version-

Qualcomm ≫ Wsa8845 Version-

Qualcomm ≫ Wsa8845h Firmware Version-

Qualcomm ≫ Wsa8845h Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Sc8380xp Firmware Version-

Qualcomm ≫ Sc8380xp Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.02

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-27067

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-27067

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27067

EUVD