Buffer Overflow Vulnerability in PLC Firmware by Qualcomm
CVE-2026-25293

9.6CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 4 May 2026

What is CVE-2026-25293?

A buffer overflow vulnerability has been identified in Qualcomm's PLC firmware, caused by improper authorization checks. This flaw could potentially allow attackers to exploit the system, leading to unexpected behavior or service disruption. It is crucial for users and administrators to apply the necessary patches and adhere to security best practices to mitigate the risks associated with this vulnerability.

Affected Version(s)

Snapdragon Snapdragon Auto QCA7005

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 4, 2026
Vulnerability Reserved
Feb 2, 2026

CVE-2026-25293 Data

JSON