CVE-2025-27036
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-25
Assigner: Qualcomm, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6700 | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm5430 | * |
| qualcomm | qcm6490_firmware | * |
| qualcomm | qcm6490 | * |
| qualcomm | qcs5430_firmware | * |
| qualcomm | qcs5430 | * |
| qualcomm | qcs6490_firmware | * |
| qualcomm | qcs6490 | * |
| qualcomm | video_collaboration_vc3_platform_firmware | * |
| qualcomm | video_collaboration_vc3_platform | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware | * |
| qualcomm | snapdragon_7c\+_gen_3_compute | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\) | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9370 | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9375 | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8830 | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8835 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves information disclosure that occurs when the Video engine processes input data that is smaller than the expected minimum size, potentially allowing unintended access to sensitive information.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information, which may compromise confidentiality and potentially expose private data to attackers.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability could negatively impact compliance with standards and regulations such as GDPR and HIPAA by risking unauthorized disclosure of sensitive personal or health information, thereby violating data protection requirements.