Memory Corruption Vulnerability in Qualcomm Wireless Products
CVE-2025-21428
7.5HIGH
Summary
A memory corruption vulnerability exists that occurs during the process of connecting a Station (STA) to an Access Point (AP). This issue arises when an ADD Traffic Specification (ADD TS) request is initiated from the AP, aimed at establishing a Traffic Specification session. Exploiting this vulnerability could lead to unintended memory manipulation, potentially compromising the integrity and availability of the device’s operations.
Affected Version(s)
Snapdragon Snapdragon Auto 9206 LTE Modem
Snapdragon Snapdragon Auto APQ8017
Snapdragon Snapdragon Auto AR8031
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved