ГлавнаяУязвимости → CVE-2025-21487
8.2высокая

CVE-2025-21487

Описание

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.

Затрагиваемое ПО
Qualcomm Apq8017 firmwareQualcomm Apq8017Qualcomm Apq8064au firmwareQualcomm Apq8064auQualcomm Aqt1000 firmwareQualcomm Aqt1000Qualcomm Fastconnect 6200 firmwareQualcomm Fastconnect 6200Qualcomm Fastconnect 6700 firmwareQualcomm Fastconnect 6700Qualcomm Snapdragon 460 mobile platform firmwareQualcomm Snapdragon 460 mobile platformQualcomm Snapdragon 480 5g mobile platform firmwareQualcomm Snapdragon 480 5g mobile platformQualcomm Snapdragon 480\+ 5g mobile platform \(sm4350-ac\) firmwareQualcomm Snapdragon 480\+ 5g mobile platform \(sm4350-ac\)Qualcomm Snapdragon 625 mobile platform firmwareQualcomm Snapdragon 625 mobile platformQualcomm Snapdragon 626 mobile platform firmwareQualcomm Snapdragon 626 mobile platformQualcomm Snapdragon 630 mobile platform firmwareQualcomm Snapdragon 630 mobile platformQualcomm Snapdragon 632 mobile platform firmwareQualcomm Snapdragon 632 mobile platformQualcomm Snapdragon 636 mobile platform firmware
CVSS
Балл8.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Источники
https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html