Skip to main content

Qualcomm Snapdragon CVE-2025-59612

| EUVDEUVD-2025-210025 MEDIUM
Stack-based Buffer Overflow (CWE-121)
2026-06-01 qualcomm GHSA-743g-g358-85hj
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 01, 2026 - 23:00 vuln.today
CVE Published
Jun 01, 2026 - 22:05 nvd
MEDIUM 6.7

DescriptionCVE.org

Memory corruption in windows drivers while sending incorrect trusted application request

AnalysisAI

Stack-based buffer overflow in Qualcomm Snapdragon Windows drivers allows a locally authenticated high-privilege attacker to cause memory corruption by sending a malformed trusted application request. The vulnerability affects Snapdragon-based systems running Windows drivers and can result in complete compromise of confidentiality, integrity, and availability. No public exploit code exists and no active exploitation has been confirmed at time of analysis.

Technical ContextAI

The vulnerability resides in Windows kernel-mode drivers shipped with Qualcomm Snapdragon hardware (CPE: cpe:2.3:a:qualcomm,_inc.:snapdragon:*:*:*:*:*:*:*:*). CWE-121 identifies the root cause as a stack-based buffer overflow - an attacker-controlled input exceeds the bounds of a stack-allocated buffer within the driver's trusted application request handling path, overwriting adjacent stack data including return addresses or control flow pointers. Trusted application (TA) requests are a mechanism associated with Trusted Execution Environment (TEE) interfaces (such as Qualcomm's QTEE/TrustZone), where the Windows driver acts as a conduit passing requests from the normal world to the secure enclave. A malformed or oversized request that bypasses length validation before being copied onto the stack triggers the overflow. The 'Microsoft' tag confirms this is specific to the Windows driver stack, distinct from Android/Linux Snapdragon driver paths.

RemediationAI

The primary remediation is to apply the updated Qualcomm Snapdragon Windows drivers as detailed in the Qualcomm June 2026 Security Bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html). An exact patched driver version is not independently confirmable from the provided data - consult the bulletin directly for version specifics. OEM system updates (via Windows Update or manufacturer-specific update utilities) are the typical delivery mechanism for Qualcomm driver patches on Windows devices. As a compensating control where patching is not immediately feasible, restricting which accounts hold local administrator privileges reduces the attack surface, since PR:H is a hard prerequisite; enforcing least-privilege access policies and using Privileged Access Workstation (PAW) models limits exposure. Driver blocklist enforcement via Windows Defender Application Control (WDAC) could be considered if a vulnerable driver version can be specifically identified, though this may impact device functionality.

Share

CVE-2025-59612 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy