CVE-2025-27033 (GCVE-0-2025-27033)
Vulnerability from cvelistv5
Published
2025-09-24 15:33
Modified
2025-09-25 13:51
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CWE
Summary
Information disclosure while running video usecase having rogue firmware.
References
product-security@qualcomm.comhttps://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.htmlVendor Advisory
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Version: QCM5430
Version: QCM6490
Version: QCS5430
Version: QCS6490
Version: QCM8550
Version: QCS8550
Version: QCS615
Version: QCS9100
Version: SM6650
Version: SM7635
Version: SM8650
Version: SM8650P
Version: SM8650Q
Version: SM7675
Version: SM7675P
Version: SM8635
Version: SM8635P
Version: SM8750
Version: SM8750P
Version: SXR2330P
Version: WCN6750
Version: WCN6856
Version: QCN9274
Version: WCN7851
Version: QCA6698AQ
Version: WCN6650
Version: WCN6755
Version: WCN7850
Version: WCN7880
Version: WCN7860
Version: WCN7861
Version: WCN7881
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27033",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-25T13:51:38.752137Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-25T13:51:44.063Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "QCM5430"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCS5430"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QCM8550"
            },
            {
              "status": "affected",
              "version": "QCS8550"
            },
            {
              "status": "affected",
              "version": "QCS615"
            },
            {
              "status": "affected",
              "version": "QCS9100"
            },
            {
              "status": "affected",
              "version": "SM6650"
            },
            {
              "status": "affected",
              "version": "SM7635"
            },
            {
              "status": "affected",
              "version": "SM8650"
            },
            {
              "status": "affected",
              "version": "SM8650P"
            },
            {
              "status": "affected",
              "version": "SM8650Q"
            },
            {
              "status": "affected",
              "version": "SM7675"
            },
            {
              "status": "affected",
              "version": "SM7675P"
            },
            {
              "status": "affected",
              "version": "SM8635"
            },
            {
              "status": "affected",
              "version": "SM8635P"
            },
            {
              "status": "affected",
              "version": "SM8750"
            },
            {
              "status": "affected",
              "version": "SM8750P"
            },
            {
              "status": "affected",
              "version": "SXR2330P"
            },
            {
              "status": "affected",
              "version": "WCN6750"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "QCN9274"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "WCN6650"
            },
            {
              "status": "affected",
              "version": "WCN6755"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7880"
            },
            {
              "status": "affected",
              "version": "WCN7860"
            },
            {
              "status": "affected",
              "version": "WCN7861"
            },
            {
              "status": "affected",
              "version": "WCN7881"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure while running video usecase having rogue firmware."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-24T15:33:39.804Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html"
        }
      ],
      "title": "Buffer Over-read in Video"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2025-27033",
    "datePublished": "2025-09-24T15:33:39.804Z",
    "dateReserved": "2025-02-18T09:19:46.882Z",
    "dateUpdated": "2025-09-25T13:51:44.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-27033\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2025-09-24T16:15:35.500\",\"lastModified\":\"2025-09-25T16:08:17.913\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Information disclosure while running video usecase having rogue firmware.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99AA0291-B822-4CAD-BA17-81B632FC3FEF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6926498-667C-4866-B3DD-A7E20B8F4D7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEFEBC7A-80C0-4E4F-B9C7-53EECF86B6B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"403AE561-6C9E-49F3-A5D6-C48DDD51D663\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC140F-FC5E-4C88-B777-7F5EBF49A695\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646B241B-2971-4929-9FB6-7A4CBF801CBB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5654FFB5-9A89-4399-AFAB-0A26726DEC81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs615_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A369459-FC20-4F7C-A8D9-89E132900F37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs615:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8444225-A03E-44D7-8BB8-6102EF3A2356\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs9100_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"057E49CC-28C0-4A82-A895-6E681AB1E22F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs9100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A7FE265-B8C2-4423-9F13-A64111248D65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB505DE-5B4A-4CFA-BA99-1307DBF96A43\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39296E3C-4E0F-4B90-A3C0-CA9C9F74CBB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"094197AC-0D25-480F-B797-06AC9842CD5C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40AC736A-FEB8-49B3-8500-DB3339906C77\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA5FB61-BB13-4557-87AC-3EE6C4A8BD47\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"593D81E0-8B38-4874-9EAA-DCA288A15ED6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8650p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"766D70DA-1CC7-4FAC-BDBC-A0960FFD65DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8650p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36A2B662-00C4-46EC-B155-D8ABF8E4C6E4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8650q_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CAA8D9D-0238-4223-8F7B-134ECBB6FA05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8650q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A722B8-E1E4-43B4-8882-591CE8C5C166\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"012C20A8-3F48-48DD-9A77-65C9CB1F6C30\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE992A86-36BC-40E3-8E96-6542560BE8EC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B46F132-4049-40D0-8351-C1C6FD2B47A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1846514C-1F95-4568-98DE-C57214401841\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65865EE9-59C0-498F-A4C5-EC00D4642603\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE02AB51-6FB6-4727-999B-A7466CEDC534\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F63D90-4BFC-4EFA-8B74-7A5027A7052D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EB529B-6B9F-464F-A98B-A8ABE0F01ADB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84641A8E-A93C-48C1-86AC-193951BA4D78\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74169A4C-0247-4719-887E-BBFB36B04F07\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8ABDBF-BABC-4219-8A18-BDFC8C826B1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8750p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"685D81D0-7E95-4DBA-A05B-7C708A5DFDF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"568C5B08-AC42-48D3-8029-A65689EEBE75\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56DD2B49-0A36-443C-BECB-4115E271A415\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8EE21BA-7178-4D69-852D-2322844FC6B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9BACB28-F6EA-445A-B74F-0C3881FE59CB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54C616C5-6480-4FE0-9A1C-08026CCB08D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9129A244-AB8C-4AA4-BFBB-37F84D66BD3E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F243A1-3C0B-4780-95BF-69A4E1A91F18\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FFC44DC-DA90-45F5-ACC1-5262D3E3A796\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE9D9A56-2157-43F0-BB18-2B7249D7E021\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F7853D-09EE-476F-B48D-BB30AEB4A67D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93398092-AF7C-4F04-874C-7E5B4CF7AB00\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D242084-5844-4E43-8D7F-D2F8E3521F0C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BC386D9-3D2B-40FA-A2D9-199BB138F46A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133FFD9F-FA09-4801-939B-AD1D507BE5FE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16EB11D8-27A3-4D04-B863-7FD4549D0BCD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63735D33-9F09-4841-9FE0-0D9AB604BECF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E826F765-4C2E-4319-BBC4-DEB02AAD783F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EB8794F-7998-424E-AF68-E4A4F9310F65\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"799D69CE-3FCC-4B19-8B00-9AF38111D983\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57608D47-894C-4895-B4B3-4733D55D57DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D765C392-5F38-4E6A-9E88-59629E7A6911\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD\"}]}]}],\"references\":[{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-27033\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-25T13:51:38.752137Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-25T13:51:41.718Z\"}}], \"cna\": {\"title\": \"Buffer Over-read in Video\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qualcomm, Inc.\", \"product\": \"Snapdragon\", \"versions\": [{\"status\": \"affected\", \"version\": \"QCM5430\"}, {\"status\": \"affected\", \"version\": \"QCM6490\"}, {\"status\": \"affected\", \"version\": \"QCS5430\"}, {\"status\": \"affected\", \"version\": \"QCS6490\"}, {\"status\": \"affected\", \"version\": \"QCM8550\"}, {\"status\": \"affected\", \"version\": \"QCS8550\"}, {\"status\": \"affected\", \"version\": \"QCS615\"}, {\"status\": \"affected\", \"version\": \"QCS9100\"}, {\"status\": \"affected\", \"version\": \"SM6650\"}, {\"status\": \"affected\", \"version\": \"SM7635\"}, {\"status\": \"affected\", \"version\": \"SM8650\"}, {\"status\": \"affected\", \"version\": \"SM8650P\"}, {\"status\": \"affected\", \"version\": \"SM8650Q\"}, {\"status\": \"affected\", \"version\": \"SM7675\"}, {\"status\": \"affected\", \"version\": \"SM7675P\"}, {\"status\": \"affected\", \"version\": \"SM8635\"}, {\"status\": \"affected\", \"version\": \"SM8635P\"}, {\"status\": \"affected\", \"version\": \"SM8750\"}, {\"status\": \"affected\", \"version\": \"SM8750P\"}, {\"status\": \"affected\", \"version\": \"SXR2330P\"}, {\"status\": \"affected\", \"version\": \"WCN6750\"}, {\"status\": \"affected\", \"version\": \"WCN6856\"}, {\"status\": \"affected\", \"version\": \"QCN9274\"}, {\"status\": \"affected\", \"version\": \"WCN7851\"}, {\"status\": \"affected\", \"version\": \"QCA6698AQ\"}, {\"status\": \"affected\", \"version\": \"WCN6650\"}, {\"status\": \"affected\", \"version\": \"WCN6755\"}, {\"status\": \"affected\", \"version\": \"WCN7850\"}, {\"status\": \"affected\", \"version\": \"WCN7880\"}, {\"status\": \"affected\", \"version\": \"WCN7860\"}, {\"status\": \"affected\", \"version\": \"WCN7861\"}, {\"status\": \"affected\", \"version\": \"WCN7881\"}], \"platforms\": [\"Snapdragon Auto\", \"Snapdragon Compute\", \"Snapdragon Industrial IOT\", \"Snapdragon Mobile\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Information disclosure while running video usecase having rogue firmware.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-126\", \"description\": \"CWE-126 Buffer Over-read\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2025-09-24T15:33:39.804Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-27033\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-25T13:51:44.063Z\", \"dateReserved\": \"2025-02-18T09:19:46.882Z\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"datePublished\": \"2025-09-24T15:33:39.804Z\", \"assignerShortName\": \"qualcomm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.