#VU110045 Use After Free in Qualcomm products - CVE-2025-27038


Vulnerability identifier: #VU110045

Vulnerability risk: Critical

CVSSv4.0: 7.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-27038

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
AR8031
Mobile applications / Mobile firmware & hardware
CSRA6620
Mobile applications / Mobile firmware & hardware
CSRA6640
Mobile applications / Mobile firmware & hardware
FastConnect 7800
Mobile applications / Mobile firmware & hardware
QCA2066
Mobile applications / Mobile firmware & hardware
QCA6391
Mobile applications / Mobile firmware & hardware
QCM6125
Mobile applications / Mobile firmware & hardware
QCM8550
Mobile applications / Mobile firmware & hardware
QCN9011
Mobile applications / Mobile firmware & hardware
QCN9012
Mobile applications / Mobile firmware & hardware
QCS6125
Mobile applications / Mobile firmware & hardware
QCS8550
Mobile applications / Mobile firmware & hardware
Qualcommr Video Collaboration VC1 Platform
Mobile applications / Mobile firmware & hardware
SM6475
Mobile applications / Mobile firmware & hardware
SM6650
Mobile applications / Mobile firmware & hardware
SM6650P
Mobile applications / Mobile firmware & hardware
SM7435
Mobile applications / Mobile firmware & hardware
SM7635
Mobile applications / Mobile firmware & hardware
SM7635P
Mobile applications / Mobile firmware & hardware
Smart Audio 400 Platform
Mobile applications / Mobile firmware & hardware
Snapdragon 4 Gen 2 Mobile Platform
Mobile applications / Mobile firmware & hardware
Snapdragon 6 Gen 1 Mobile Platform
Mobile applications / Mobile firmware & hardware
Snapdragon 680 4G Mobile Platform
Mobile applications / Mobile firmware & hardware
Snapdragon 685 4G Mobile Platform (SM6225-AD)
Mobile applications / Mobile firmware & hardware
Snapdragon W5+ Gen 1 Wearable Platform
Mobile applications / Mobile firmware & hardware
SW5100
Mobile applications / Mobile firmware & hardware
SW5100P
Mobile applications / Mobile firmware & hardware
WCD9335
Mobile applications / Mobile firmware & hardware
WCD9370
Mobile applications / Mobile firmware & hardware
WCD9375
Mobile applications / Mobile firmware & hardware
WCD9378
Mobile applications / Mobile firmware & hardware
WCD9385
Mobile applications / Mobile firmware & hardware
WCD9395
Mobile applications / Mobile firmware & hardware
WCN3950
Mobile applications / Mobile firmware & hardware
WCN3980
Mobile applications / Mobile firmware & hardware
WCN3988
Mobile applications / Mobile firmware & hardware
WCN6650
Mobile applications / Mobile firmware & hardware
WCN6740
Mobile applications / Mobile firmware & hardware
WCN6755
Mobile applications / Mobile firmware & hardware
WSA8810
Mobile applications / Mobile firmware & hardware
WSA8815
Mobile applications / Mobile firmware & hardware
WSA8830
Mobile applications / Mobile firmware & hardware
WSA8835
Mobile applications / Mobile firmware & hardware
WSA8832
Hardware solutions / Firmware

Vendor: Qualcomm

Description

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in Graphics. A remote attacker can execute arbitrary code.

Note, the vulnerability is being actively exploited in the wild.

Mitigation
Install security update from vendor's website.

Vulnerable software versions

AR8031: All versions

CSRA6620: All versions

CSRA6640: All versions

FastConnect 7800: All versions

QCA2066: All versions

QCA6391: All versions

QCM6125: All versions

QCM8550: All versions

QCN9011: All versions

QCN9012: All versions

QCS6125: All versions

QCS8550: All versions

Qualcommr Video Collaboration VC1 Platform: All versions

SM6475: All versions

SM6650: All versions

SM6650P: All versions

SM7435: All versions

SM7635: All versions

SM7635P: All versions

Smart Audio 400 Platform: All versions

Snapdragon 4 Gen 2 Mobile Platform: All versions

Snapdragon 6 Gen 1 Mobile Platform: All versions

Snapdragon 680 4G Mobile Platform: All versions

Snapdragon 685 4G Mobile Platform (SM6225-AD): All versions

Snapdragon W5+ Gen 1 Wearable Platform: All versions

SW5100: All versions

SW5100P: All versions

WCD9335: All versions

WCD9370: All versions

WCD9375: All versions

WCD9378: All versions

WCD9385: All versions

WCD9395: All versions

WCN3950: All versions

WCN3980: All versions

WCN3988: All versions

WCN6650: All versions

WCN6740: All versions

WCN6755: All versions

WSA8810: All versions

WSA8815: All versions

WSA8830: All versions

WSA8832: All versions

WSA8835: All versions

External links
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Qualcomm chipsets