Skip to main content

Qualcomm Snapdragon EUVDEUVD-2025-210022

| CVE-2025-59609 MEDIUM
Buffer Over-read (CWE-126)
2026-06-01 qualcomm GHSA-4728-c4x2-h2qm
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 01, 2026 - 23:01 vuln.today

DescriptionCVE.org

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.

AnalysisAI

Qualcomm Snapdragon chipsets improperly parse 802.11 advertisement frames containing malformed MBSSID (Multiple BSSID) elements of insufficient length, triggering a buffer over-read that discloses memory contents to an attacker. The CVSS vector (AV:N/AC:H/PR:L/UI:R/S:C) indicates network-reachable exploitation with changed scope, meaning the impact crosses beyond the Wi-Fi subsystem into adjacent components. No public exploit identified at time of analysis, and no CISA KEV listing exists; Qualcomm addressed this in their June 2026 Security Bulletin.

Technical ContextAI

The MBSSID (Multiple Basic Service Set Identifier) element is an IEEE 802.11ax (Wi-Fi 6) feature enabling a single physical access point to advertise multiple virtual BSSIDs within a single beacon or probe response frame. The affected Qualcomm Snapdragon Wi-Fi firmware or driver code (CPE: cpe:2.3:a:qualcomm,_inc.:snapdragon:*:*:*:*:*:*:*:*) fails to validate that the declared length of an MBSSID element matches the actual data present before reading from it. This produces a CWE-126 (Buffer Over-read) condition: the parser reads beyond the end of the element's allocated buffer, potentially exposing adjacent heap or stack memory. The 'Buffer Overflow' tag in the intelligence source may reflect the broader vulnerability class or a related write-path issue, but the CWE-126 root cause is a read-side overrun, consistent with the Information Disclosure primary impact. Changed scope (S:C) in the CVSS vector suggests that the leaked data or the over-read itself can affect components outside the immediate Wi-Fi parsing component, such as the OS networking stack or application-layer security boundaries.

RemediationAI

The primary remediation is to apply the patches released by Qualcomm in the June 2026 Security Bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html). Exact patched firmware or driver versions are not independently confirmed from the available CPE data - the bulletin should be consulted for device-specific fix versions. OEM device manufacturers who integrate Snapdragon chipsets must incorporate and distribute these patches via their own firmware update mechanisms; end users should apply any available device firmware or OS updates from their device vendor. As a compensating control where patching is not immediately available, restricting device operation to trusted wireless environments reduces exposure to crafted beacon frames - specifically, disabling automatic Wi-Fi scanning or passive frame processing in untrusted public environments limits the attack surface, though this significantly degrades usability. There is no indication of a simpler configuration-level workaround such as disabling MBSSID support independently. No vendor advisory beyond the Qualcomm bulletin has been identified at time of analysis.

CVE-2026-25293 CRITICAL
9.6 May 04

Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unau

CVE-2026-25277 HIGH
8.8 Jun 01

Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer o

CVE-2026-25276 HIGH
8.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox tr

CVE-2025-47392 HIGH
8.8 Apr 06

Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution

CVE-2026-24088 HIGH
8.2 Jun 01

Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a speci

CVE-2026-25259 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multip

CVE-2026-25258 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during

CVE-2025-59606 HIGH
7.8 Jun 01

Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged

CVE-2025-59605 HIGH
7.8 Jun 01

Local privilege escalation via memory corruption in Qualcomm Snapdragon platform components allows an authenticated low-

CVE-2025-59604 HIGH
7.8 Jun 01

Local memory corruption in Qualcomm Snapdragon platforms (CVE-2025-59604) allows a low-privileged local attacker to trig

CVE-2026-24082 HIGH
7.8 May 04

Use-after-free vulnerability in Qualcomm Snapdragon chipsets enables local privilege escalation to achieve full device c

CVE-2025-47408 HIGH
7.8 May 04

Memory corruption in Qualcomm Snapdragon allows local authenticated attackers with low privileges to achieve arbitrary c

Share

EUVD-2025-210022 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy