Sm8750 Firmware
CVE-2025-21484
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
2DescriptionCVE.org
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
AnalysisAI
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-126. Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Affected products include: Qualcomm Sm8750 Firmware, Qualcomm Sm8750P Firmware, Qualcomm Sm8850 Firmware, Qualcomm Sm8850P Firmware, Qualcomm Smart Audio 200 Platform Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Sm8750 Firmware
View allCryptographic issue occurs due to use of insecure connection method while downloading.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
Cryptographic issue may occur while encrypting license data. [CVSS 8.4 HIGH]
Memory corruption while decoding of OTA messages from T3448 IE. Rated high severity (CVSS 8.2), this vulnerability is re
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Network-based information disclosure vulnerability in RTP (Real-time Transport Protocol) packet decoding that occurs whe
Information disclosure may occur due to improper permission and access controls to Video Analytics engine. Rated high se
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption during the FRS UDS generation process. Rated high severity (CVSS 7.8), this vulnerability is low attac
Same weakness CWE-126 – Buffer Over-read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today