CVE-2025-27033

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2025-09-24

Last updated on: 2025-09-25

Assigner: Qualcomm, Inc.

Description

Information disclosure while running video usecase having rogue firmware.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-09-24

Last Modified

2025-09-25

Generated

2026-05-07

AI Q&A

2025-09-24

EPSS Evaluated

2026-05-05

NVD

CVE-2025-27033

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	qcm5430_firmware	*
qualcomm	qcm5430	*
qualcomm	qcm6490_firmware	*
qualcomm	qcm6490	*
qualcomm	qcs5430_firmware	*
qualcomm	qcs5430	*
qualcomm	qcs6490_firmware	*
qualcomm	qcs6490	*
qualcomm	qcm8550_firmware	*
qualcomm	qcm8550	*
qualcomm	qcs8550_firmware	*
qualcomm	qcs8550	*
qualcomm	qcs615_firmware	*
qualcomm	qcs615	*
qualcomm	qcs9100_firmware	*
qualcomm	qcs9100	*
qualcomm	sm6650_firmware	*
qualcomm	sm6650	*
qualcomm	sm7635_firmware	*
qualcomm	sm7635	*
qualcomm	sm8650_firmware	*
qualcomm	sm8650	*
qualcomm	sm8650p_firmware	*
qualcomm	sm8650p	*
qualcomm	sm8650q_firmware	*
qualcomm	sm8650q	*
qualcomm	sm7675_firmware	*
qualcomm	sm7675	*
qualcomm	sm7675p_firmware	*
qualcomm	sm7675p	*
qualcomm	sm8635_firmware	*
qualcomm	sm8635	*
qualcomm	sm8635p_firmware	*
qualcomm	sm8635p	*
qualcomm	sm8750_firmware	*
qualcomm	sm8750	*
qualcomm	sm8750p_firmware	*
qualcomm	sm8750p	*
qualcomm	sxr2330p_firmware	*
qualcomm	sxr2330p	*
qualcomm	wcn6750_firmware	*
qualcomm	wcn6750	*
qualcomm	wcn6856_firmware	*
qualcomm	wcn6856	*
qualcomm	qcn9274_firmware	*
qualcomm	qcn9274	*
qualcomm	wcn7851_firmware	*
qualcomm	wcn7851	*
qualcomm	qca6698aq_firmware	*
qualcomm	qca6698aq	*
qualcomm	wcn6650_firmware	*
qualcomm	wcn6650	*
qualcomm	wcn6755_firmware	*
qualcomm	wcn6755	*
qualcomm	wcn7850_firmware	*
qualcomm	wcn7850	*
qualcomm	wcn7880_firmware	*
qualcomm	wcn7880	*
qualcomm	wcn7860_firmware	*
qualcomm	wcn7860	*
qualcomm	wcn7861_firmware	*
qualcomm	wcn7861	*
qualcomm	wcn7881_firmware	*
qualcomm	wcn7881	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-126	The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability involves information disclosure that occurs when running a video use case with rogue firmware present. Essentially, unauthorized or malicious firmware can cause sensitive information to be exposed during video processing.

How can this vulnerability impact me? :

The impact of this vulnerability is primarily information disclosure, meaning sensitive data could be exposed to unauthorized parties. This could compromise confidentiality and potentially lead to further security issues.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-27033

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart