Immersive Home 214 Platform Firmware
CVE-2025-27073
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
Transient DOS while creating NDP instance.
AnalysisAI
Transient DOS while creating NDP instance. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-617. Affected products include: Qualcomm Immersive Home 214 Platform Firmware, Qualcomm Immersive Home 216 Platform Firmware, Qualcomm Immersive Home 316 Platform Firmware, Qualcomm Immersive Home 318 Platform Firmware, Qualcomm Ipq5010 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Memory corruption while deinitializing a HDCP session. [CVSS 7.8 HIGH]
Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remot
Transient DOS may occur while parsing extended IE in beacon. Rated high severity (CVSS 7.5), this vulnerability is remot
Transient denial-of-service vulnerability in wireless beacon frame processing that occurs when a device receives a malfo
Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this
Information disclosure while processing a firmware event. [CVSS 6.1 MEDIUM]
Memory corruption while processing a GP command response. Rated high severity (CVSS 8.8), this vulnerability is low atta
Transient DOS while handling command data during power control processing. Rated high severity (CVSS 7.5), this vulnerab
Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is lo
Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitab
Same weakness CWE-617 – Reachable Assertion
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today