Aqt1000 Firmware
CVE-2025-21441
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
AnalysisAI
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Affected products include: Qualcomm Fastconnect 7800 Firmware, Qualcomm Qca1062 Firmware, Qualcomm Qca1064 Firmware, Qualcomm Qca2062 Firmware, Qualcomm Qca2064 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
More in Aqt1000 Firmware
View allQualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm
A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co
Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4),
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. Rated high severity
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high se
Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today