CVE-2025-21424
HIGH
2025-03-03
[email protected]
7.8
CVSS 3.1
Share
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Lifecycle Timeline
3
Analysis Generated
Mar 28, 2026 - 18:29 vuln.today
Patch Released
Mar 28, 2026 - 18:29 nvd
Patch available
CVE Published
Mar 03, 2025 - 11:15 nvd
HIGH 7.8
Tags
Use After Free
Memory Corruption
Buffer Overflow
315 5g Iot Modem Firmware
Aqt1000 Firmware
Ar8031 Firmware
Ar8035 Firmware
C V2x 9150 Firmware
Sg4150p Firmware
Sg8275p Firmware
Sm4125 Firmware
Sm4635 Firmware
Sm6250 Firmware
Sm6370 Firmware
Sm6650 Firmware
Sm7250p Firmware
Sm7315 Firmware
Sm7325p Firmware
Sm7635 Firmware
Sm7675 Firmware
Sm7675p Firmware
Sm8550p Firmware
Sm8635 Firmware
Sm8635p Firmware
Sm8650q Firmware
Smart Audio 400 Firmware
Snapdragon 4 Gen 1 Firmware
Snapdragon 439 Firmware
Snapdragon 460 Firmware
Snapdragon 480 5G Firmware
Snapdragon 660 Firmware
Snapdragon 662 Firmware
Snapdragon 675 Firmware
Snapdragon 678 Firmware
Snapdragon 680 4G Firmware
Snapdragon 685 4G Firmware
Snapdragon 690 5G Firmware
Snapdragon 695 5G Firmware
Snapdragon 720G Firmware
Snapdragon 730 Firmware
Snapdragon 730G Firmware
Snapdragon 732G Firmware
Snapdragon 750G 5G Firmware
Snapdragon 765 5G Firmware
Snapdragon 765G 5G Firmware
Snapdragon 768G 5G Firmware
Snapdragon 778G 5G Firmware
Csra6620 Firmware
Csra6640 Firmware
Fastconnect 6200 Firmware
Fastconnect 6700 Firmware
Fastconnect 6800 Firmware
Fastconnect 6900 Firmware
Fastconnect 7800 Firmware
Flight Rb5 5g Firmware
Mdm9628 Firmware
Qam8255p Firmware
Qam8295p Firmware
Qam8620p Firmware
Qam8650p Firmware
Qam8775p Firmware
Qamsrv1h Firmware
Qamsrv1m Firmware
Qca6174a Firmware
Qca6391 Firmware
Qca6420 Firmware
Qca6426 Firmware
Qca6430 Firmware
Qca6436 Firmware
Qca6564 Firmware
Qca6564a Firmware
Qca6564au Firmware
Qca6574 Firmware
Qca6574a Firmware
Qca6574au Firmware
Qca6584au Firmware
Qca6595 Firmware
Qca6595au Firmware
Qca6678aq Firmware
Qca6688aq Firmware
Qca6696 Firmware
Qca6698aq Firmware
Qca6797aq Firmware
Qca8081 Firmware
Qca8337 Firmware
Qca9377 Firmware
Qcc710 Firmware
Snapdragon 780G 5G Firmware
Snapdragon 782G Firmware
Snapdragon 7C Gen 3 Compute Firmware
Snapdragon 8 Gen 1 Firmware
Snapdragon 8 Gen 2 Firmware
Snapdragon 8 Gen 3 Firmware
Snapdragon 855 Firmware
Snapdragon 860 Firmware
Snapdragon 865 5G Firmware
Snapdragon 870 5G Firmware
Snapdragon 888 5G Firmware
Snapdragon Auto 5g Modem Rf Firmware
Snapdragon Auto 5g Modem Rf Gen 2 Firmware
Snapdragon W5 Gen 1 Wearable Firmware
Snapdragon X12 Lte Firmware
Snapdragon X35 5G Firmware
Snapdragon X50 5G Firmware
Snapdragon X55 5G Firmware
Snapdragon X62 5G Firmware
Snapdragon X65 5G Firmware
Snapdragon X72 5G Firmware
Snapdragon X75 5G Firmware
Snapdragon Xr2 5g Firmware
Snapdragon Xr2 Gen 1 Firmware
Snapdragon Auto 4g Firmware
Srv1h Firmware
Srv1l Firmware
Srv1m Firmware
Sw5100 Firmware
Sw5100p Firmware
Sxr2130 Firmware
Sxr2330p Firmware
Vision Intelligence 400 Firmware
Wcd9326 Firmware
Wcd9335 Firmware
Qcm2150 Firmware
Qcm2290 Firmware
Qcm4290 Firmware
Qcm4325 Firmware
Qcm5430 Firmware
Qcm6125 Firmware
Qcm6490 Firmware
Qcm8550 Firmware
Qcn6024 Firmware
Qcn6224 Firmware
Qcn6274 Firmware
Qcn9011 Firmware
Qcn9012 Firmware
Qcn9024 Firmware
Qcn9074 Firmware
Qcs2290 Firmware
Qcs410 Firmware
Qcs4290 Firmware
Qcs5430 Firmware
Qcs610 Firmware
Qcs6125 Firmware
Qcs6490 Firmware
Qcs7230 Firmware
Qcs8155 Firmware
Qcs8250 Firmware
Qcs8550 Firmware
Qdu1000 Firmware
Qdu1010 Firmware
Qdu1110 Firmware
Qdu1210 Firmware
Qdx1010 Firmware
Qdx1011 Firmware
Qep8111 Firmware
Qfw7114 Firmware
Qfw7124 Firmware
Qrb5165m Firmware
Qrb5165n Firmware
Qru1032 Firmware
Qru1052 Firmware
Qru1062 Firmware
Wcd9340 Firmware
Wcd9341 Firmware
Wcd9360 Firmware
Wcd9370 Firmware
Wcd9371 Firmware
Wcd9375 Firmware
Wcd9378 Firmware
Wcd9380 Firmware
Wcd9385 Firmware
Wcd9390 Firmware
Wcd9395 Firmware
Wcn3615 Firmware
Wcn3660b Firmware
Wcn3680 Firmware
Wcn3680b Firmware
Wcn3910 Firmware
Wcn3950 Firmware
Wcn3980 Firmware
Wcn3988 Firmware
Wcn3990 Firmware
Wcn6450 Firmware
Wcn6650 Firmware
Wcn6740 Firmware
Wcn6755 Firmware
Wcn7861 Firmware
Wcn7881 Firmware
Wsa8810 Firmware
Wsa8815 Firmware
Wsa8830 Firmware
Wsa8832 Firmware
Wsa8835 Firmware
Wsa8840 Firmware
Wsa8845 Firmware
Wsa8845h Firmware
Qsm8250 Firmware
Qsm8350 Firmware
215 Firmware
Video Collaboration Vc1 Platform Firmware
Video Collaboration Vc3 Platform Firmware
Video Collaboration Vc5 Platform Firmware
Robotics Rb2 Firmware
Robotics Rb5 Firmware
Sa2150p Firmware
Sa4150p Firmware
Sa4155p Firmware
Sa6145p Firmware
Sa6150p Firmware
Sa6155 Firmware
Sa6155p Firmware
Sa7255p Firmware
Sa7775p Firmware
Sa8145p Firmware
Sa8150p Firmware
Sa8155 Firmware
Sa8155p Firmware
Sa8195p Firmware
Sa8255p Firmware
Sa8295p Firmware
Sa8530p Firmware
Sa8540p Firmware
Sa8620p Firmware
Sa8650p Firmware
Sa8770p Firmware
Sa8775p Firmware
Sa9000p Firmware
Sd 675 Firmware
Sd660 Firmware
Sd675 Firmware
Sd730 Firmware
Sd855 Firmware
Sd865 5g Firmware
Sd888 Firmware
Sdx55 Firmware
Sdx61 Firmware
Description
Memory corruption while calling the NPU driver APIs concurrently.
Analysis
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Technical Context
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Memory corruption while calling the NPU driver APIs concurrently. Affected products include: Qualcomm 315 5G Iot Modem Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8031 Firmware, Qualcomm Ar8035 Firmware, Qualcomm C-V2X 9150 Firmware.
Affected Products
Qualcomm 315 5G Iot Modem Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8031 Firmware, Qualcomm Ar8035 Firmware, Qualcomm C-V2X 9150 Firmware.
Remediation
A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
Priority Score
39
Low
Medium
High
Critical
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).