CVE-2025-27045
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-11-05
Assigner: Qualcomm, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qcc2072_firmware | * |
| qualcomm | qcc2072 | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | wcd9378c_firmware | * |
| qualcomm | wcd9378c | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
| qualcomm | x2000077_firmware | * |
| qualcomm | x2000077 | * |
| qualcomm | x2000086_firmware | * |
| qualcomm | x2000086 | * |
| qualcomm | x2000090_firmware | * |
| qualcomm | x2000090 | * |
| qualcomm | x2000092_firmware | * |
| qualcomm | x2000092 | * |
| qualcomm | x2000094_firmware | * |
| qualcomm | x2000094 | * |
| qualcomm | xg101002_firmware | * |
| qualcomm | xg101002 | * |
| qualcomm | xg101032_firmware | * |
| qualcomm | xg101032 | * |
| qualcomm | xg101039_firmware | * |
| qualcomm | xg101039 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves information disclosure that occurs during the processing of batch command execution in a video driver. It means that sensitive information could be exposed unintentionally when the video driver handles multiple commands at once.
How can this vulnerability impact me? :
The impact of this vulnerability is primarily information disclosure, which could lead to unauthorized access to sensitive data. According to the CVSS score, it has a high impact on confidentiality, potentially allowing attackers with limited privileges to gain access to information they should not see, though it does not affect integrity and has limited impact on availability.