CVE-2025-59601
Received
Received - Intake
Information Disclosure in Qualcomm Powerline Device Firmware
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: Qualcomm, Inc.
Description
Description
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1230 | The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to sensitive device configuration information. This could allow attackers to learn about device settings, potentially enabling further attacks or misuse of the device.
Can you explain this vulnerability to me?
This vulnerability involves information disclosure that occurs when a device is reset to its factory default settings through the powerline interface. During this reset process, unauthorized users can gain access to the device's configuration.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70