← Back

CVE-2025-21473

nvd nist
Published: Aug 6, 2025Modified: Aug 19, 2025

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.

Affected (6)

Qualcomm
6 products
Fastconnect 6900 Firmware
Fastconnect 7800 Firmware
Snapdragon 8 Gen 1 Mobile Platform Firmware
Wcd9380 Firmware
Wsa8830 Firmware
Wsa8835 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fastconnect 6900 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Fastconnect 6900
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fastconnect 7800 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Fastconnect 7800
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Snapdragon 8 Gen 1 Mobile Platform Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Snapdragon 8 Gen 1 Mobile Platform
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcd9380 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcd9380
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wsa8830 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wsa8830
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wsa8835 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wsa8835
All versions

Related CWEs

CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (1)

Source: product-security@qualcomm.com
Vendor Advisory

Timeline

No history available yet.