Cologne Firmware
CVE-2025-59603
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory Corruption when processing invalid user address with nonstandard buffer address.
AnalysisAI
Memory Corruption when processing invalid user address with nonstandard buffer address. [CVSS 7.8 HIGH]
Technical ContextAI
Classified as CWE-787 (Out-of-bounds Write). Affects Sd865 5G Firmware. Memory Corruption when processing invalid user address with nonstandard buffer address.
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.
More in Cologne Firmware
View allMemory Corruption when multiple threads concurrently access and modify shared resources. [CVSS 7.8 HIGH]
Video Collaboration Vc3 Platform Firmware versions up to - contains a security vulnerability (CVSS 7.8).
Memory Corruption when accessing buffers with invalid length during TA invocation. [CVSS 7.8 HIGH]
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters. [CVSS 7.
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain. [CVSS 7.1 HIGH]
Transient DOS when processing a received frame with an excessively large authentication information element. [CVSS 6.5 M
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today