6.5
CVE-2025-59601
- EPSS 0.11%
- Veröffentlicht 01.06.2026 22:05:23
- Zuletzt bearbeitet 02.06.2026 18:00:59
- Quelle product-security@qualcomm.com
- CVE-Watchlists
- Unerledigt
Exposure of Sensitive Information Through Metadata in Powerline Communication Firmware
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Fastconnect 7800 Firmware Version-
Qualcomm ≫ Qca7005 Firmware Version-
Qualcomm ≫ Snapdragon Ar1 Gen 1 Platform Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Wcd9385 Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wsa8832 Firmware Version-
Qualcomm ≫ Wsa8835 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.014 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| product-security@qualcomm.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-1230 Exposure of Sensitive Information Through Metadata
The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html