CVE-2025-27033 - Vulnerability Details

Description

Information disclosure while running video usecase having rogue firmware.

Published: 2025-09-24

Score: 6.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Qualcomm, Inc.

Snapdragon

unaffected

Version	Status	Constraints
`QCM5430`	affected	—
`QCM6490`	affected	—
`QCS5430`	affected	—
`QCS6490`	affected	—
`QCM8550`	affected	—
`QCS8550`	affected	—
`QCS615`	affected	—
`QCS9100`	affected	—
`SM6650`	affected	—
`SM7635`	affected	—
`SM8650`	affected	—
`SM8650P`	affected	—
`SM8650Q`	affected	—
`SM7675`	affected	—
`SM7675P`	affected	—
`SM8635`	affected	—
`SM8635P`	affected	—
`SM8750`	affected	—
`SM8750P`	affected	—
`SXR2330P`	affected	—
`WCN6750`	affected	—
`WCN6856`	affected	—
`QCN9274`	affected	—
`WCN7851`	affected	—
`QCA6698AQ`	affected	—
`WCN6650`	affected	—
`WCN6755`	affected	—
`WCN7850`	affected	—
`WCN7880`	affected	—
`WCN7860`	affected	—
`WCN7861`	affected	—
`WCN7881`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:qcs615_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs615:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:qcs9100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs9100:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:sm8650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8650:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:sm8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8650p:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:sm8650q_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8650q:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8750:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8750p:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Qualcomm	Snapdragon	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-30995	Information disclosure while running video usecase having rogue firmware.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00014.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

History

Thu, 25 Sep 2025 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm qca6698aq Qualcomm qca6698aq Firmware Qualcomm qcm5430 Qualcomm qcm5430 Firmware Qualcomm qcm6490 Qualcomm qcm6490 Firmware Qualcomm qcm8550 Qualcomm qcm8550 Firmware Qualcomm qcn9274 Qualcomm qcn9274 Firmware Qualcomm qcs5430 Qualcomm qcs5430 Firmware Qualcomm qcs615 Qualcomm qcs615 Firmware Qualcomm qcs6490 Qualcomm qcs6490 Firmware Qualcomm qcs8550 Qualcomm qcs8550 Firmware Qualcomm qcs9100 Qualcomm qcs9100 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm sm8650 Qualcomm sm8650 Firmware Qualcomm sm8650p Qualcomm sm8650p Firmware Qualcomm sm8650q Qualcomm sm8650q Firmware Qualcomm sm8750 Qualcomm sm8750 Firmware Qualcomm sm8750p Qualcomm sm8750p Firmware Qualcomm sxr2330p Qualcomm sxr2330p Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6750 Qualcomm wcn6750 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wcn6856 Qualcomm wcn6856 Firmware Qualcomm wcn7850 Qualcomm wcn7850 Firmware Qualcomm wcn7851 Qualcomm wcn7851 Firmware Qualcomm wcn7860 Qualcomm wcn7860 Firmware Qualcomm wcn7861 Qualcomm wcn7861 Firmware Qualcomm wcn7880 Qualcomm wcn7880 Firmware Qualcomm wcn7881 Qualcomm wcn7881 Firmware
CPEs		cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:h:qualcomm:qcm5430:-:::::::* cpe:2.3:h:qualcomm:qcm6490:-:::::::* cpe:2.3:h:qualcomm:qcm8550:-:::::::* cpe:2.3:h:qualcomm:qcn9274:-:::::::* cpe:2.3:h:qualcomm:qcs5430:-:::::::* cpe:2.3:h:qualcomm:qcs615:-:::::::* cpe:2.3:h:qualcomm:qcs6490:-:::::::* cpe:2.3:h:qualcomm:qcs8550:-:::::::* cpe:2.3:h:qualcomm:qcs9100:-:::::::* cpe:2.3:h:qualcomm:sm6650:-:::::::* cpe:2.3:h:qualcomm:sm7635:-:::::::* cpe:2.3:h:qualcomm:sm7675:-:::::::* cpe:2.3:h:qualcomm:sm7675p:-:::::::* cpe:2.3:h:qualcomm:sm8635:-:::::::* cpe:2.3:h:qualcomm:sm8635p:-:::::::* cpe:2.3:h:qualcomm:sm8650:-:::::::* cpe:2.3:h:qualcomm:sm8650p:-:::::::* cpe:2.3:h:qualcomm:sm8650q:-:::::::* cpe:2.3:h:qualcomm:sm8750:-:::::::* cpe:2.3:h:qualcomm:sm8750p:-:::::::* cpe:2.3:h:qualcomm:sxr2330p:-:::::::* cpe:2.3:h:qualcomm:wcn6650:-:::::::* cpe:2.3:h:qualcomm:wcn6750:-:::::::* cpe:2.3:h:qualcomm:wcn6755:-:::::::* cpe:2.3:h:qualcomm:wcn6856:-:::::::* cpe:2.3:h:qualcomm:wcn7850:-:::::::* cpe:2.3:h:qualcomm:wcn7851:-:::::::* cpe:2.3:h:qualcomm:wcn7860:-:::::::* cpe:2.3:h:qualcomm:wcn7861:-:::::::* cpe:2.3:h:qualcomm:wcn7880:-:::::::* cpe:2.3:h:qualcomm:wcn7881:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:qcm5430_firmware:-:::::::* cpe:2.3:o:qualcomm:qcm6490_firmware:-:::::::* cpe:2.3:o:qualcomm:qcm8550_firmware:-:::::::* cpe:2.3:o:qualcomm:qcn9274_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs5430_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs615_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs6490_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs8550_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs9100_firmware:-:::::::* cpe:2.3:o:qualcomm:sm6650_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675p_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635p_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8650_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8650p_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8650q_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8750_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8750p_firmware:-:::::::* cpe:2.3:o:qualcomm:sxr2330p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6650_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6750_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6755_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7860_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7861_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7880_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7881_firmware:-:::::::*
Vendors & Products		Qualcomm qca6698aq Qualcomm qca6698aq Firmware Qualcomm qcm5430 Qualcomm qcm5430 Firmware Qualcomm qcm6490 Qualcomm qcm6490 Firmware Qualcomm qcm8550 Qualcomm qcm8550 Firmware Qualcomm qcn9274 Qualcomm qcn9274 Firmware Qualcomm qcs5430 Qualcomm qcs5430 Firmware Qualcomm qcs615 Qualcomm qcs615 Firmware Qualcomm qcs6490 Qualcomm qcs6490 Firmware Qualcomm qcs8550 Qualcomm qcs8550 Firmware Qualcomm qcs9100 Qualcomm qcs9100 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm sm8650 Qualcomm sm8650 Firmware Qualcomm sm8650p Qualcomm sm8650p Firmware Qualcomm sm8650q Qualcomm sm8650q Firmware Qualcomm sm8750 Qualcomm sm8750 Firmware Qualcomm sm8750p Qualcomm sm8750p Firmware Qualcomm sxr2330p Qualcomm sxr2330p Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6750 Qualcomm wcn6750 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wcn6856 Qualcomm wcn6856 Firmware Qualcomm wcn7850 Qualcomm wcn7850 Firmware Qualcomm wcn7851 Qualcomm wcn7851 Firmware Qualcomm wcn7860 Qualcomm wcn7860 Firmware Qualcomm wcn7861 Qualcomm wcn7861 Firmware Qualcomm wcn7880 Qualcomm wcn7880 Firmware Qualcomm wcn7881 Qualcomm wcn7881 Firmware

Thu, 25 Sep 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 25 Sep 2025 08:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm snapdragon
Vendors & Products		Qualcomm Qualcomm snapdragon

Wed, 24 Sep 2025 15:45:00 +0000

Type	Values Removed	Values Added
Description		Information disclosure while running video usecase having rogue firmware.
Title		Buffer Over-read in Video
Weaknesses		CWE-126
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}`

Subscriptions

Qualcomm Qca6698aq Qca6698aq Firmware Qcm5430 Qcm5430 Firmware Qcm6490 Qcm6490 Firmware Qcm8550 Qcm8550 Firmware Qcn9274 Qcn9274 Firmware Qcs5430 Qcs5430 Firmware Qcs615 Qcs615 Firmware Qcs6490 Qcs6490 Firmware Qcs8550 Qcs8550 Firmware Qcs9100 Qcs9100 Firmware Sm6650 Sm6650 Firmware Sm7635 Sm7635 Firmware Sm7675 Sm7675 Firmware Sm7675p Sm7675p Firmware Sm8635 Sm8635 Firmware Sm8635p Sm8635p Firmware Sm8650 Sm8650 Firmware Sm8650p Sm8650p Firmware Sm8650q Sm8650q Firmware Sm8750 Sm8750 Firmware Sm8750p Sm8750p Firmware Snapdragon Sxr2330p Sxr2330p Firmware Wcn6650 Wcn6650 Firmware Wcn6750 Wcn6750 Firmware Wcn6755 Wcn6755 Firmware Wcn6856 Wcn6856 Firmware Wcn7850 Wcn7850 Firmware Wcn7851 Wcn7851 Firmware Wcn7860 Wcn7860 Firmware Wcn7861 Wcn7861 Firmware Wcn7880 Wcn7880 Firmware Wcn7881 Wcn7881 Firmware

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2025-09-24T15:33:39.804Z

Updated: 2025-09-25T13:51:44.063Z

Reserved: 2025-02-18T09:19:46.882Z

Link: CVE-2025-27033

Vulnrichment

Updated: 2025-09-25T13:51:41.718Z

NVD

Status : Analyzed

Published: 2025-09-24T16:15:35.500

Modified: 2025-09-25T16:08:17.913

Link: CVE-2025-27033

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-09-25T08:21:22Z

Weaknesses

CWE-126

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object