CVE-2025-21426

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

emory corruption while processing camera TPG write request.

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

21 Jul 2025, 19:37

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html - Patch, Vendor Advisory
Summary		(es) Corrupción de memoria al procesar la solicitud de escritura TPG de la cámara.
First Time		Qualcomm wsa8830 Firmware Qualcomm wsa8832 Firmware Qualcomm wcd9380 Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm ssg2115p Qualcomm wcd9385 Firmware Qualcomm wsa8830 Qualcomm wcd9385 Qualcomm wcd9380 Firmware Qualcomm snapdragon Ar1 Gen 1 Platform Qualcomm wsa8832 Qualcomm sxr1230p Qualcomm sxr1230p Firmware Qualcomm snapdragon Ar1 Gen 1 Platform Firmware Qualcomm Qualcomm wsa8835 Qualcomm ssg2125p Qualcomm ssg2115p Firmware Qualcomm ssg2125p Firmware Qualcomm wsa8835 Firmware
CPE		cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:ssg2125p:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:o:qualcomm:ssg2115p_firmware:-:::::::* cpe:2.3:h:qualcomm:sxr1230p:-:::::::* cpe:2.3:h:qualcomm:ssg2115p:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:::::::* cpe:2.3:o:qualcomm:sxr1230p_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:o:qualcomm:ssg2125p_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*

08 Jul 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-08 13:15

Updated : 2025-07-21 19:37

NVD link : CVE-2025-21426

Mitre link : CVE-2025-21426

CVE.ORG link : CVE-2025-21426

JSON object : View

Products Affected

qualcomm

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.6 /10