Main Vulnerability Database Vulnerabilities #VU114655

#VU114655 Buffer over-read in Qualcomm products - CVE-2025-27033

Published: September 1, 2025

Vulnerability identifier: #VU114655

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-27033

CWE-ID: CWE-126

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
QCM5430
QCM6490
QCS5430
QCS6490
QCM8550
QCS8550
QCS615
QCS9100
SM6650
SM7635
SM8650
SM8650P
SM8650Q
SM7675
SM7675P
SM8635
SM8635P
SM8750
SM8750P
SXR2330P
WCN6750
WCN6856
QCN9274
WCN7851
QCA6698AQ
WCN6650
WCN6755
WCN7850
WCN7880
WCN7860
WCN7861
WCN7881

Software vendor:
Qualcomm

Description

The vulnerability allows a local application to read and manipulate data.

The vulnerability exists due to improper input validation in Video. A local application can read and manipulate data.

Remediation

Install security update from vendor's website.

External links

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

#VU114655 Buffer over-read in Qualcomm products - CVE-2025-27033

Description

Remediation

External links

Please verify you're human