CVE-2025-21457

MEDIUM EPSS 0.2%
Published Aug 6, 202510mo ago ยท Modified Jun 17, 20261w ago
6.1 CVSS 3.1
Medium
Find Similar
Published Aug 6, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

Information disclosure while opening a fastrpc session when domain is not sanitized.

CVSS Details

Base Score
6.1
Exploitability
1.8
Impact
4.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability Low

Threat Intelligence

EPSS Exploit Probability
0.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-126

Affected Products 30

VendorProductVersionRange
qualcommar8035_firmware*any
qualcommar8035*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqca6584au_firmware*any
qualcommqca6584au*any
qualcommqca6698aq_firmware*any
qualcommqca6698aq*any
qualcommqca8081_firmware*any
qualcommqca8081*any
qualcommqca8337_firmware*any
qualcommqca8337*any
qualcommqcc710_firmware*any
qualcommqcc710*any
qualcommqcn6224_firmware*any
qualcommqcn6224*any
qualcommqcn6274_firmware*any
qualcommqcn6274*any
qualcommqfw7114_firmware*any
qualcommqfw7114*any
qualcommqfw7124_firmware*any
qualcommqfw7124*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2*any
qualcommsnapdragon_x72_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x72_5g_modem-rf_system*any
qualcommsnapdragon_x75_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x75_5g_modem-rf_system*any
qualcommwcd9340_firmware*any
qualcommwcd9340*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
    PatchVendor Advisory

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
    PatchVendor Advisory