Ar8035 Firmware CVE-2025-21435
HIGH
Buffer Over-read (CWE-126)
2025-04-07
product-security@qualcomm.com
Buffer Overflow
Ar8035 Firmware
Csr8811 Firmware
Fastconnect 6800 Firmware
Fastconnect 6900 Firmware
Fastconnect 7800 Firmware
Immersive Home 214 Platform Firmware
Immersive Home 216 Platform Firmware
Immersive Home 316 Platform Firmware
Immersive Home 318 Platform Firmware
Immersive Home 3210 Platform Firmware
Immersive Home 326 Platform Firmware
Ipq5010 Firmware
Ipq5028 Firmware
Ipq5300 Firmware
Ipq5302 Firmware
Ipq5312 Firmware
Ipq5332 Firmware
Ipq6000 Firmware
Ipq6010 Firmware
Ipq6018 Firmware
Ipq6028 Firmware
Ipq8070a Firmware
Ipq8071a Firmware
Ipq8072a Firmware
Ipq8074a Firmware
Ipq8076 Firmware
Ipq8076a Firmware
Ipq8078 Firmware
Ipq8078a Firmware
Ipq8173 Firmware
Ipq8174 Firmware
Ipq9008 Firmware
Ipq9048 Firmware
Ipq9554 Firmware
Ipq9570 Firmware
Ipq9574 Firmware
Qam8255p Firmware
Qam8650p Firmware
Qam8775p Firmware
Qca4024 Firmware
Qca6391 Firmware
Qca6421 Firmware
Qca6426 Firmware
Qca6431 Firmware
Qca6436 Firmware
Qca6554a Firmware
Qca6564au Firmware
Qca6574 Firmware
Qca6574a Firmware
Qca6574au Firmware
Qca6584au Firmware
Qca6595 Firmware
Qca6595au Firmware
Qca6678aq Firmware
Qca6696 Firmware
Qca6698aq Firmware
Qca6777aq Firmware
Qca6787aq Firmware
Qca6797aq Firmware
Qca8075 Firmware
Qca8081 Firmware
Qca8082 Firmware
Qca8084 Firmware
Qca8085 Firmware
Qca8337 Firmware
Qca8386 Firmware
Qca9888 Firmware
Qca9889 Firmware
Qcc2073 Firmware
Qcc2076 Firmware
Qcc710 Firmware
Qcf8000 Firmware
Qcf8000sfp Firmware
Qcf8001 Firmware
Qcn5022 Firmware
Qcn5024 Firmware
Qcn5052 Firmware
Qcn5122 Firmware
Qcn5124 Firmware
Qcn5152 Firmware
Qcn5154 Firmware
Qcn5164 Firmware
Qcn6023 Firmware
Qcn6024 Firmware
Qcn6112 Firmware
Qcn6122 Firmware
Qcn6132 Firmware
Qcn6224 Firmware
Qcn6274 Firmware
Qcn6402 Firmware
Qcn6412 Firmware
Qcn6422 Firmware
Qcn6432 Firmware
Qcn9000 Firmware
Qcn9012 Firmware
Qcn9022 Firmware
Qcn9024 Firmware
Qcn9070 Firmware
Qcn9072 Firmware
Qcn9074 Firmware
Qcn9100 Firmware
Qcn9160 Firmware
Qcn9274 Firmware
Qfw7114 Firmware
Qfw7124 Firmware
Qmp1000 Firmware
Qxm8083 Firmware
Sa6155p Firmware
Sa8155p Firmware
Sa8195p Firmware
Sdx55 Firmware
Sdx65m Firmware
Sm8735 Firmware
Sm8750 Firmware
Sm8750p Firmware
Snapdragon 8 Gen 3 Mobile Platform Firmware
Snapdragon 865 5g Mobile Platform Firmware
Snapdragon X55 5g Modem Rf System Firmware
Snapdragon X65 5g Modem Rf System Firmware
Snapdragon X72 5g Modem Rf System Firmware
Snapdragon X75 5g Modem Rf System Firmware
Sw5100 Firmware
Sw5100p Firmware
Sxr2330p Firmware
Wcd9340 Firmware
Wcd9378 Firmware
Wcd9380 Firmware
Wcd9385 Firmware
Wcd9390 Firmware
Wcd9395 Firmware
Wcn3980 Firmware
Wcn3988 Firmware
Wcn6450 Firmware
Wcn6755 Firmware
Wcn7750 Firmware
Wcn7860 Firmware
Wcn7861 Firmware
Wcn7880 Firmware
Wcn7881 Firmware
Wsa8810 Firmware
Wsa8815 Firmware
Wsa8830 Firmware
Wsa8832 Firmware
Wsa8835 Firmware
Wsa8840 Firmware
Wsa8845 Firmware
Wsa8845h Firmware
Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware
Snapdragon 870 5G Mobile Platform Sm8250 Ac Firmware
7.5
CVSS 3.1
Share
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Lifecycle Timeline
2
Analysis Generated
Mar 28, 2026 - 18:35 vuln.today
CVE Published
Apr 07, 2025 - 11:15 nvd
HIGH 7.5
DescriptionNVD
Transient DOS may occur while parsing extended IE in beacon.
AnalysisAI
Transient DOS may occur while parsing extended IE in beacon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-126. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Csr8811 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).