CVE-2025-27029

EUVD ID: EUVD-2025-16702
Severity: HIGH
Published: 2025-06-03 (reported by [email protected])
CVSS 3.1 base score: 7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

| Metric | Value |
|---|---|
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity | None |
| Availability | High |

Lifecycle Timeline

- Analysis Generated: Mar 14, 2026 - 17:04 (vuln.today)
- EUVD ID Assigned: Mar 14, 2026 - 17:04 (euvd), EUVD-2025-16702
- CVE Published: Jun 03, 2025 - 06:15 (nvd), HIGH 7.5

Description

Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

Analysis

Network-accessible denial-of-service vulnerability in tone measurement response buffer processing that occurs when buffer contents fall outside expected range parameters, resulting in application/service crashes. The vulnerability affects systems implementing tone measurement protocols with improper input validation on buffer boundaries. An unauthenticated remote attacker can trigger this vulnerability with minimal complexity, causing service unavailability; however, without CVE details indicating active KEV status or public PoC availability, real-world exploitation likelihood remains moderate despite the high CVSS 7.5 score.

Technical Context

This vulnerability stems from CWE-126 (Buffer Over-read), a memory safety issue where code reads data beyond intended buffer boundaries without proper validation. The specific context involves tone measurement response processing—likely used in audio, telecommunications, or signal processing systems. The vulnerability manifests when the tone measurement protocol receives a response buffer with out-of-range values that the application fails to validate before processing. The absence of bounds checking on the response buffer allows reading beyond allocated memory, causing undefined behavior and denial of service. The CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates the vulnerability is exploitable over the network without authentication or user interaction, suggesting the tone measurement service is directly exposed to network input without intermediate validation layers.

Affected Products

The CVE description references 'tone measurement response buffer' processing but does not specify the exact product, vendor, or CPE strings in the provided data. Systems likely affected include: (1) VoIP/telecommunications equipment implementing tone detection (e.g., Cisco, Avaya, Polycom systems); (2) Audio processing libraries or SDKs with tone measurement capabilities; (3) Signal processing frameworks using buffer-based tone analysis. Without vendor-specific CPE data provided, affected products cannot be precisely enumerated. Organizations should cross-reference CVE-2025-27029 against their vendor security advisories, particularly telecommunications and audio processing vendors, and check product security bulletins for applicability statements.

Remediation

Specific patch versions are not provided in the available data. General remediation steps:

1. **Obtain vendor patches**: Contact your equipment/software vendor for CVE-2025-27029 security updates; apply patches immediately to all affected systems.
2. **Input validation workaround**: If patching is delayed, implement network-level input validation to reject tone measurement responses outside expected value ranges before they reach vulnerable processing code.
3. **Network segmentation**: Restrict network access to tone measurement services to trusted internal networks only, reducing attack surface until patches are deployed.
4. **Service monitoring**: Implement alerting on service crashes and abnormal tone measurement request patterns to detect exploitation attempts.
5. **Vendor advisory consultation**: Review the vendor's security advisory (typically available via CVE database links) for version-specific patch availability and additional mitigation recommendations.

Priority Score

38 (scale: Low / Medium / High / Critical)

- KEV: 0
- EPSS: +0.1
- CVSS: +38
- POC: 0

CVE-2025-27029 vulnerability details – vuln.today