How to fix CVE-2025-27033?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Qcm5430 Firmware affected by CVE-2025-27033?

CVE-2025-27033 presents moderate security risk rated CVSS 6.1. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2025-27033

MEDIUM

2025-09-24 [email protected]

6.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:14 vuln.today

CVE Published

Sep 24, 2025 - 16:15 nvd

MEDIUM 6.1

Tags

Buffer Overflow Information Disclosure Qcm5430 Firmware Qcm6490 Firmware Qcs5430 Firmware Qcs6490 Firmware Qcm8550 Firmware Qcs8550 Firmware Qcs615 Firmware Qcs9100 Firmware Sm6650 Firmware Sm7635 Firmware Sm8650 Firmware Sm8650P Firmware Sm8650q Firmware Sm7675 Firmware Sm7675p Firmware Sm8635 Firmware Sm8635p Firmware Sm8750 Firmware Sm8750p Firmware Sxr2330p Firmware Wcn6750 Firmware Wcn6856 Firmware Qcn9274 Firmware Wcn7851 Firmware Qca6698aq Firmware Wcn6650 Firmware Wcn6755 Firmware Wcn7850 Firmware Wcn7880 Firmware Wcn7860 Firmware Wcn7861 Firmware Wcn7881 Firmware

Description

Information disclosure while running video usecase having rogue firmware.

Analysis

Information disclosure while running video usecase having rogue firmware. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Technical Context

This vulnerability is classified under CWE-126. Information disclosure while running video usecase having rogue firmware. Affected products include: Qualcomm Qcm5430 Firmware, Qualcomm Qcm6490 Firmware, Qualcomm Qcs5430 Firmware, Qualcomm Qcs6490 Firmware, Qualcomm Qcm8550 Firmware.

Affected Products

Qualcomm Qcm5430 Firmware, Qualcomm Qcm6490 Firmware, Qualcomm Qcs5430 Firmware, Qualcomm Qcs6490 Firmware, Qualcomm Qcm8550 Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +30

POC: 0

CVE-2025-27033 vulnerability details – vuln.today

Back