CVE-2025-27033

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-27033

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

I

nformation disclosure while running video usecase having rogue firmware.

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qcs615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs615:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qcs9100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs9100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sm8650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8650:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sm8650p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8650p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sm8650q_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8650q:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8750:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8750p:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*
History

25 Sep 2025, 16:08

Type Values Removed Values Added
New CVE
Information

Published : 2025-09-24 16:15

Updated : 2025-09-25 16:08

NVD link : CVE-2025-27033

Mitre link : CVE-2025-27033

CVE.ORG link : CVE-2025-27033

JSON object : View

Products Affected

qualcomm

CWE
CWE-126

Buffer Over-read