Main Vulnerability Database Vulnerabilities #VU114654

#VU114654 Buffer over-read in Qualcomm products - CVE-2025-27030

Published: September 1, 2025

Vulnerability identifier: #VU114654

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-27030

CWE-ID: CWE-126

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
C-V2X 9150
QAM8295P
QCA6584AU
QCA6696
QCA6698AQ
QCA9367
QCN9074
QCS410
QCS610
QSM8250
Qualcomm Video Collaboration VC1 Platform
Qualcomm Video Collaboration VC3 Platform
SA6145P
SA6150P
SA8145P
SA8150P
SA8155P
SA8195P
SA8295P
SA8530P
Snapdragon Auto 5G Modem-RF
Snapdragon Auto 5G Modem-RF Gen 2
SW5100
SW5100P
WCD9341
WCD9370
WCN3660B
WCN3680B
WCN3950
WCN3980
WCN3988
WSA8810
WSA8815
WSA8830
WSA8835
QCA6574AU
QCA9377
SA6155P
SA8540P
SA9000P
SDX55

Software vendor:
Qualcomm

Description

The vulnerability allows a local application to read and manipulate data.

The vulnerability exists due to improper input validation in Audio. A local application can read and manipulate data.

Remediation

Install security update from vendor's website.

External links

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

#VU114654 Buffer over-read in Qualcomm products - CVE-2025-27030

Description

Remediation

External links

Please verify you're human