Information Disclosure Vulnerability in Qualcomm Products
CVE-2025-21431

4.7MEDIUM

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 7 April 2025

What is CVE-2025-21431?

An information disclosure vulnerability allows unauthorized access to sensitive data when a guest virtual machine (VM) interacts within the Qualcomm Virtualization Platform. This risk arises during the operation of guest VMs, potentially exposing confidential information to other virtual machines or malicious actors. Users of the affected products should ensure appropriate security measures are in place to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Snapdragon Snapdragon Auto QAM8255P

Snapdragon Snapdragon Auto QAM8295P

Snapdragon Snapdragon Auto QAM8620P

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Dec 18, 2024

JSON

Qualcomm

What is CVE-2025-21431?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.