CVE-2025-27059

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2025-10-09

Last updated on: 2025-10-21

Assigner: Qualcomm, Inc.

Description

Memory corruption while performing SCM call.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-10-09

Last Modified

2025-10-21

Generated

2026-05-07

AI Q&A

2025-10-09

EPSS Evaluated

2026-05-05

NVD

CVE-2025-27059

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	immersive_home_214_platform_firmware	*
qualcomm	immersive_home_214_platform	*
qualcomm	immersive_home_216_platform_firmware	*
qualcomm	immersive_home_216_platform	*
qualcomm	immersive_home_316_platform_firmware	*
qualcomm	immersive_home_316_platform	*
qualcomm	immersive_home_318_platform_firmware	*
qualcomm	immersive_home_318_platform	*
qualcomm	ipq5010_firmware	*
qualcomm	ipq5010	*
qualcomm	ipq5028_firmware	*
qualcomm	ipq5028	*
qualcomm	qcn6023_firmware	*
qualcomm	qcn6023	*
qualcomm	qcn6024_firmware	*
qualcomm	qcn6024	*
qualcomm	qcn6100_firmware	*
qualcomm	qcn6100	*
qualcomm	qcn6102_firmware	*
qualcomm	qcn6102	*
qualcomm	qcn6112_firmware	*
qualcomm	qcn6112	*
qualcomm	qcn6122_firmware	*
qualcomm	qcn6122	*
qualcomm	qcn6132_firmware	*
qualcomm	qcn6132	*
qualcomm	qcn9000_firmware	*
qualcomm	qcn9000	*
qualcomm	qcn9001_firmware	*
qualcomm	qcn9001	*
qualcomm	qcn9002_firmware	*
qualcomm	qcn9002	*
qualcomm	qcn9003_firmware	*
qualcomm	qcn9003	*
qualcomm	qcn9012_firmware	*
qualcomm	qcn9012	*
qualcomm	qcn9022_firmware	*
qualcomm	qcn9022	*
qualcomm	qcn9024_firmware	*
qualcomm	qcn9024	*
qualcomm	qcn9070_firmware	*
qualcomm	qcn9070	*
qualcomm	qcn9072_firmware	*
qualcomm	qcn9072	*
qualcomm	qcn9074_firmware	*
qualcomm	qcn9074	*
qualcomm	qcn9100_firmware	*
qualcomm	qcn9100	*
qualcomm	qcn9274_firmware	*
qualcomm	qcn9274	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-823	The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability is a memory corruption issue that occurs during a Secure Channel Manager (SCM) call. Memory corruption can lead to unexpected behavior, crashes, or exploitation by attackers.

How can this vulnerability impact me? :

The vulnerability has a high impact as indicated by its CVSS score of 8.8. It can lead to confidentiality, integrity, and availability being compromised, potentially allowing attackers to execute arbitrary code or cause system crashes.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-27059

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart