Memory Corruption in Bluetooth Host by Qualcomm
CVE-2025-27075

7.8HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-27075?

A vulnerability exists in Qualcomm's Bluetooth Host software that can lead to memory corruption. This occurs when the system processes IOCTL commands with larger-than-expected buffer sizes. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or disrupt service on the affected device. It is crucial for users of the impacted software versions to apply patches and updates provided by Qualcomm to mitigate potential risks.

Affected Version(s)

Snapdragon Snapdragon Compute AQT1000

Snapdragon Snapdragon Compute FastConnect 6200

Snapdragon Snapdragon Compute FastConnect 6700

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Feb 18, 2025