ГлавнаяУязвимости → CVE-2025-21486
7.8высокая

CVE-2025-21486

Описание

Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

Затрагиваемое ПО
Qualcomm Fastconnect 6900 firmwareQualcomm Fastconnect 6900Qualcomm Fastconnect 7800 firmwareQualcomm Fastconnect 7800Qualcomm Qmp1000 firmwareQualcomm Qmp1000Qualcomm Sm8735 firmwareQualcomm Sm8735Qualcomm Sm8750 firmwareQualcomm Sm8750Qualcomm Sm8750p firmwareQualcomm Sm8750pQualcomm Snapdragon w5\+ gen 1 wearable platform firmwareQualcomm Snapdragon w5\+ gen 1 wearable platformQualcomm Sw5100 firmwareQualcomm Sw5100Qualcomm Sw5100p firmwareQualcomm Sw5100pQualcomm Sxr2230p firmwareQualcomm Sxr2230pQualcomm Sxr2250p firmwareQualcomm Sxr2250pQualcomm Sxr2330p firmwareQualcomm Sxr2330pQualcomm Wcd9378 firmware
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html