CVE-2025-27040

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2025-10-09

Last updated on: 2025-10-21

Assigner: Qualcomm, Inc.

Description

Information disclosure may occur while processing the hypervisor log.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-10-09

Last Modified

2025-10-21

Generated

2026-05-07

AI Q&A

2025-10-09

EPSS Evaluated

2026-05-05

NVD

CVE-2025-27040

EUVD

EUVD-2025-33243

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	csr8811_firmware	*
qualcomm	csr8811	*
qualcomm	immersive_home_214_platform_firmware	*
qualcomm	immersive_home_214_platform	*
qualcomm	immersive_home_216_platform_firmware	*
qualcomm	immersive_home_216_platform	*
qualcomm	immersive_home_316_platform_firmware	*
qualcomm	immersive_home_316_platform	*
qualcomm	immersive_home_318_platform_firmware	*
qualcomm	immersive_home_318_platform	*
qualcomm	ipq5010_firmware	*
qualcomm	ipq5010	*
qualcomm	ipq5028_firmware	*
qualcomm	ipq5028	*
qualcomm	ipq8070_firmware	*
qualcomm	ipq8070	*
qualcomm	ipq8070a_firmware	*
qualcomm	ipq8070a	*
qualcomm	ipq8071_firmware	*
qualcomm	ipq8071	*
qualcomm	ipq8071a_firmware	*
qualcomm	ipq8071a	*
qualcomm	ipq8072_firmware	*
qualcomm	ipq8072	*
qualcomm	ipq8072a_firmware	*
qualcomm	ipq8072a	*
qualcomm	ipq8074_firmware	*
qualcomm	ipq8074	*
qualcomm	ipq8074a_firmware	*
qualcomm	ipq8074a	*
qualcomm	ipq8076_firmware	*
qualcomm	ipq8076	*
qualcomm	ipq8076a_firmware	*
qualcomm	ipq8076a	*
qualcomm	ipq8078_firmware	*
qualcomm	ipq8078	*
qualcomm	ipq8078a_firmware	*
qualcomm	ipq8078a	*
qualcomm	ipq8173_firmware	*
qualcomm	ipq8173	*
qualcomm	ipq8174_firmware	*
qualcomm	ipq8174	*
qualcomm	ipq9008_firmware	*
qualcomm	ipq9008	*
qualcomm	ipq9574_firmware	*
qualcomm	ipq9574	*
qualcomm	pmp8074_firmware	*
qualcomm	pmp8074	*
qualcomm	qca4024_firmware	*
qualcomm	qca4024	*
qualcomm	qca6428_firmware	*
qualcomm	qca6428	*
qualcomm	qca6438_firmware	*
qualcomm	qca6438	*
qualcomm	qca6694_firmware	*
qualcomm	qca6694	*
qualcomm	qca8072_firmware	*
qualcomm	qca8072	*
qualcomm	qca8075_firmware	*
qualcomm	qca8075	*
qualcomm	qca8081_firmware	*
qualcomm	qca8081	*
qualcomm	qca9888_firmware	*
qualcomm	qca9888	*
qualcomm	qca9889_firmware	*
qualcomm	qca9889	*
qualcomm	qca9984_firmware	*
qualcomm	qca9984	*
qualcomm	qcn5022_firmware	*
qualcomm	qcn5022	*
qualcomm	qcn5024_firmware	*
qualcomm	qcn5024	*
qualcomm	qcn5052_firmware	*
qualcomm	qcn5052	*
qualcomm	qcn5054_firmware	*
qualcomm	qcn5054	*
qualcomm	qcn5064_firmware	*
qualcomm	qcn5064	*
qualcomm	qcn5122_firmware	*
qualcomm	qcn5122	*
qualcomm	qcn5124_firmware	*
qualcomm	qcn5124	*
qualcomm	qcn5152_firmware	*
qualcomm	qcn5152	*
qualcomm	qcn5154_firmware	*
qualcomm	qcn5154	*
qualcomm	qcn5164_firmware	*
qualcomm	qcn5164	*
qualcomm	qcn5550_firmware	*
qualcomm	qcn5550	*
qualcomm	qcn6023_firmware	*
qualcomm	qcn6023	*
qualcomm	qcn6024_firmware	*
qualcomm	qcn6024	*
qualcomm	qcn6100_firmware	*
qualcomm	qcn6100	*
qualcomm	qcn6102_firmware	*
qualcomm	qcn6102	*
qualcomm	qcn6112_firmware	*
qualcomm	qcn6112	*
qualcomm	qcn6122_firmware	*
qualcomm	qcn6122	*
qualcomm	qcn6132_firmware	*
qualcomm	qcn6132	*
qualcomm	qcn9000_firmware	*
qualcomm	qcn9000	*
qualcomm	qcn9001_firmware	*
qualcomm	qcn9001	*
qualcomm	qcn9002_firmware	*
qualcomm	qcn9002	*
qualcomm	qcn9003_firmware	*
qualcomm	qcn9003	*
qualcomm	qcn9012_firmware	*
qualcomm	qcn9012	*
qualcomm	qcn9022_firmware	*
qualcomm	qcn9022	*
qualcomm	qcn9024_firmware	*
qualcomm	qcn9024	*
qualcomm	qcn9070_firmware	*
qualcomm	qcn9070	*
qualcomm	qcn9072_firmware	*
qualcomm	qcn9072	*
qualcomm	qcn9074_firmware	*
qualcomm	qcn9074	*
qualcomm	qcn9100_firmware	*
qualcomm	qcn9100	*
qualcomm	qcn9274_firmware	*
qualcomm	qcn9274	*
qualcomm	sdx55_firmware	*
qualcomm	sdx55	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-20	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability involves information disclosure that may occur while processing the hypervisor log. It means sensitive information could be exposed due to how the hypervisor handles its logging.

How can this vulnerability impact me? :

The vulnerability can lead to unauthorized disclosure of sensitive information, potentially compromising confidentiality. According to the CVSS score, it requires local access with low complexity and partial privileges, but it can have a high impact on confidentiality.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-27040

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart