CVE-2025-21457

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-21457
Information disclosure while opening a fastrpc session when domain is not sanitized.

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html Vendor Advisory Patch
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*
History

19 Aug 2025, 13:21

Type Values Removed Values Added
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html - Vendor Advisory, Patch
First Time Qualcomm qcn6224 Firmware
Qualcomm qca6698aq
Qualcomm snapdragon Auto 5g Modem-rf Gen 2
Qualcomm qfw7124
Qualcomm ar8035 Firmware
Qualcomm snapdragon X75 5g Modem-rf System Firmware
Qualcomm qcn6274 Firmware
Qualcomm qfw7114
Qualcomm qcc710 Firmware
Qualcomm qca8337 Firmware
Qualcomm snapdragon X75 5g Modem-rf System
Qualcomm snapdragon X72 5g Modem-rf System Firmware
Qualcomm qca8337
Qualcomm qfw7124 Firmware
Qualcomm qca6584au
Qualcomm qcc710
Qualcomm snapdragon X72 5g Modem-rf System
Qualcomm qca8081
Qualcomm fastconnect 7800 Firmware
Qualcomm qca6584au Firmware
Qualcomm wcd9340
Qualcomm
Qualcomm qcn6224
Qualcomm fastconnect 7800
Qualcomm qca6698aq Firmware
Qualcomm qca8081 Firmware
Qualcomm qfw7114 Firmware
Qualcomm wcd9340 Firmware
Qualcomm qcn6274
Qualcomm snapdragon Auto 5g Modem-rf Gen 2 Firmware
Qualcomm ar8035
CPE cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*

06 Aug 2025, 20:23

Type Values Removed Values Added
Summary
  • (es) Divulgación de información al abrir una sesión fastrpc cuando el dominio no está depurado.

06 Aug 2025, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-06 08:15

Updated : 2025-08-19 13:21

NVD link : CVE-2025-21457

Mitre link : CVE-2025-21457

CVE.ORG link : CVE-2025-21457

JSON object : View

Products Affected

qualcomm

  • snapdragon_x75_5g_modem-rf_system
  • qfw7114_firmware
  • qcc710
  • qca8337_firmware
  • qcc710_firmware
  • qcn6274
  • ar8035_firmware
  • snapdragon_x72_5g_modem-rf_system
  • qcn6224
  • ar8035
  • qfw7124
  • qca6698aq
  • snapdragon_x75_5g_modem-rf_system_firmware
  • qfw7114
  • qca8337
  • qca8081
  • snapdragon_x72_5g_modem-rf_system_firmware
  • fastconnect_7800
  • qca6584au
  • qca8081_firmware
  • wcd9340_firmware
  • wcd9340
  • qcn6274_firmware
  • snapdragon_auto_5g_modem-rf_gen_2_firmware
  • fastconnect_7800_firmware
  • qca6698aq_firmware
  • qcn6224_firmware
  • qca6584au_firmware
  • qfw7124_firmware
  • snapdragon_auto_5g_modem-rf_gen_2
CWE
CWE-126

Buffer Over-read