Skip to main content

Aqt1000 Firmware CVE-2025-21441

HIGH
Out-of-bounds Write (CWE-787)
2025-04-07 product-security@qualcomm.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:35 vuln.today
CVE Published
Apr 07, 2025 - 11:15 nvd
HIGH 7.8

DescriptionCVE.org

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

AnalysisAI

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Affected products include: Qualcomm Fastconnect 7800 Firmware, Qualcomm Qca1062 Firmware, Qualcomm Qca1064 Firmware, Qualcomm Qca2062 Firmware, Qualcomm Qca2064 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2025-21480 HIGH
8.6 Jun 03

Qualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm

CVE-2025-21479 HIGH
8.6 Jun 03

A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co

CVE-2024-33065 HIGH
8.4 Oct 07

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4),

CVE-2024-53026 HIGH
8.2 Jun 03

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL

CVE-2024-53021 HIGH
8.2 Jun 03

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi

CVE-2024-53020 HIGH
8.2 Jun 03

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o

CVE-2025-21427 HIGH
8.2 Jul 08

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21475 HIGH
7.8 May 06

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. Rated high severity

CVE-2025-21453 HIGH
7.8 May 06

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f

CVE-2024-49841 HIGH
7.8 May 06

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high se

CVE-2024-49835 HIGH
7.8 May 06

Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity

CVE-2025-21440 HIGH
7.8 Apr 07

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV

Share

CVE-2025-21441 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy