Impact
A buffer over-read occurs in Qualcomm WLAN firmware when the driver processes non‑standard FILS Discovery Frames with action sizes that exceed the expected range. The flaw allows the firmware to read beyond the allocated buffer boundaries during the initial scan phase, leading to a transient denial‑of‑service state in which the wireless interface becomes unresponsive. The weakness is a classic buffer over‑read (CWE‑126) and can cause the device to reboot or lose network connectivity without crashing the system.
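An added example, not Qualcomm firmware code and not part of the original advisory: a bounds-checked C parser for a FILS Discovery action frame body, showing the length checks whose absence produces a CWE-126 over-read. The field layout and bit positions are assumed from IEEE 802.11ai, and all `fd_*` names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example. Assumed layout (IEEE 802.11ai FILS Discovery body):
 * category(1)=4, action(1)=34, frame control(2, LE), timestamp(8),
 * beacon interval(2), SSID or 4-byte short SSID, optional Length(1). */
#define FD_CATEGORY_PUBLIC 4
#define FD_ACTION_FILS_DISCOVERY 34
#define FD_CTL_SHORT_SSID (1u << 6)
#define FD_CTL_LENGTH_PRESENT (1u << 12)
#define FD_FIXED_LEN 14 /* category through beacon interval */
enum fd_status { FD_OK = 0, FD_NOT_FD = -1, FD_TRUNCATED = -2, FD_BAD_LENGTH = -3 };
struct fd_info {
    const uint8_t *ssid; /* points into the caller's buffer */
    size_t ssid_len;
    size_t rest_len;     /* bytes the parser may read after SSID/Length */
};

/* Parse a frame body of exactly `len` received bytes. Every read is
 * preceded by a check against `len`, never against a size taken
 * from the frame itself. */
enum fd_status fd_parse(const uint8_t *buf, size_t len, struct fd_info *out)
{
    if (len < 2 || buf[0] != FD_CATEGORY_PUBLIC || buf[1] != FD_ACTION_FILS_DISCOVERY)
        return FD_NOT_FD;
    if (len < FD_FIXED_LEN)
        return FD_TRUNCATED;

    uint16_t ctl = (uint16_t)(buf[2] | (buf[3] << 8));
    size_t pos = FD_FIXED_LEN;
    /* Bits 0-4 carry SSID length minus one; a short SSID is always 4 bytes. */
    size_t ssid_len = (ctl & FD_CTL_SHORT_SSID) ? 4 : (size_t)(ctl & 0x1f) + 1;
    if (len - pos < ssid_len)
        return FD_TRUNCATED;
    out->ssid = buf + pos;
    out->ssid_len = ssid_len;
    pos += ssid_len;

    if (ctl & FD_CTL_LENGTH_PRESENT) {
        if (pos >= len)
            return FD_TRUNCATED;
        size_t declared = buf[pos++];
        /* The declared size must fit in what was actually received. */
        if (declared > len - pos)
            return FD_BAD_LENGTH;
        out->rest_len = declared;
    } else {
        out->rest_len = len - pos;
    }
    return FD_OK;
}
```

A frame whose Length subfield claims more bytes than were received is rejected with `FD_BAD_LENGTH` instead of being read past the end of the buffer.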
Affected Systems
The issue affects a large range of Qualcomm hardware. Firmware for Qualcomm Snapdragon mobile platforms, including the Snapdragon 6‑gen‑1, Snapdragon 7‑gen‑1 and Snapdragon 8‑elite families, as well as various Wi‑Fi and 5G modem chips such as the AR8035, COLOGNE, CSR8811, FastConnect 6200/6700/6900/7800, and many other listed product families, is vulnerable. The vulnerability impacts any device that runs the affected Qualcomm firmware and processes WLAN Discovery Frames during initial scans.
Risk and Exploitability
The CVSS base score of 7.6 categorises the flaw as high severity. The EPSS score of less than 1 % indicates a low probability of widespread exploitation in the near term, and the vulnerability has not been listed in the CISA KEV catalog. The attack vector is inferred to be remote over the wireless medium; an attacker could inject malformed FILS frames from nearby to trigger the over‑read during the device's initial scan. Exploitation would cause a temporary denial of service but would not enable privilege escalation or a data breach. Despite the low exploit likelihood, the potential impact on service availability warrants prompt remediation.
OpenCVE Enrichment