Skip to main content

Orne Firmware

9 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-21385 HIGH POC KEV PATCH THREAT Act Now

A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memory allocation, enabling local privilege escalation to kernel level. KEV-listed and patched, this vulnerability affects Qualcomm-based mobile devices and embedded systems, potentially impacting billions of Android devices globally.

Memory Corruption 5g Fixed Wireless Access Platform Firmware Apq8098 Firmware Ar8031 Firmware Ar8035 Firmware +222
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2025-59600 HIGH PATCH This Week

Memory Corruption when adding user-supplied data without checking available buffer space. [CVSS 7.8 HIGH]

Memory Corruption Ar8031 Firmware Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +156
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47385 HIGH This Week

Memory Corruption when accessing trusted execution environment without proper privilege check. [CVSS 7.8 HIGH]

Memory Corruption Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +87
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47383 HIGH This Week

5G Fixed Wireless Access Platform Firmware versions up to - contains a vulnerability that allows attackers to cryptographic issue when a VoWiFi call is triggered from UE (CVSS 7.2).

Information Disclosure 5g Fixed Wireless Access Platform Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware Apq8098 Firmware +190
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-47373 HIGH This Week

Memory Corruption when accessing buffers with invalid length during TA invocation. [CVSS 7.8 HIGH]

Snapdragon X35 5g Modem Rf System Firmware Snapdragon 8 Gen 2 Mobile Platform Firmware Snapdragon X32 5g Modem Rf System Firmware Snapdragon 8 Gen 1 Firmware Snapdragon 460 Mobile Platform Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47371 MEDIUM This Month

5G Fixed Wireless Access Platform Firmware versions up to - is affected by reachable assertion (CVSS 6.5).

Denial Of Service 5g Fixed Wireless Access Platform Firmware Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +117
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-47402 MEDIUM This Month

Transient DOS when processing a received frame with an excessively large authentication information element. [CVSS 6.5 MEDIUM]

Denial Of Service Ar8035 Firmware Cologne Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +90
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-47398 HIGH PATCH This Week

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. [CVSS 7.8 HIGH]

Memory Corruption Industrial Ar8031 Firmware Csra6620 Firmware Csra6640 Firmware +145
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47397 HIGH PATCH This Week

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. [CVSS 7.8 HIGH]

Memory Corruption Ar8031 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +138
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21385
EPSS 0% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memory allocation, enabling local privilege escalation to kernel level. KEV-listed and patched, this vulnerability affects Qualcomm-based mobile devices and embedded systems, potentially impacting billions of Android devices globally.

Memory Corruption 5g Fixed Wireless Access Platform Firmware Apq8098 Firmware +224
NVD VulDB GitHub
CVE-2025-59600
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption when adding user-supplied data without checking available buffer space. [CVSS 7.8 HIGH]

Memory Corruption Ar8031 Firmware Ar8035 Firmware +158
NVD
CVE-2025-47385
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when accessing trusted execution environment without proper privilege check. [CVSS 7.8 HIGH]

Memory Corruption Fastconnect 6200 Firmware Fastconnect 6700 Firmware +89
NVD
CVE-2025-47383
EPSS 0% CVSS 7.2
HIGH This Week

5G Fixed Wireless Access Platform Firmware versions up to - contains a vulnerability that allows attackers to cryptographic issue when a VoWiFi call is triggered from UE (CVSS 7.2).

Information Disclosure 5g Fixed Wireless Access Platform Firmware 9206 Lte Modem Firmware +192
NVD
CVE-2025-47373
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when accessing buffers with invalid length during TA invocation. [CVSS 7.8 HIGH]

Snapdragon X35 5g Modem Rf System Firmware Snapdragon 8 Gen 2 Mobile Platform Firmware Snapdragon X32 5g Modem Rf System Firmware +181
NVD
CVE-2025-47371
EPSS 0% CVSS 6.5
MEDIUM This Month

5G Fixed Wireless Access Platform Firmware versions up to - is affected by reachable assertion (CVSS 6.5).

Denial Of Service 5g Fixed Wireless Access Platform Firmware Ar8035 Firmware +119
NVD
CVE-2025-47402
EPSS 0% CVSS 6.5
MEDIUM This Month

Transient DOS when processing a received frame with an excessively large authentication information element. [CVSS 6.5 MEDIUM]

Denial Of Service Ar8035 Firmware Cologne Firmware +92
NVD
CVE-2025-47398
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. [CVSS 7.8 HIGH]

Memory Corruption Industrial Ar8031 Firmware +147
NVD
CVE-2025-47397
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. [CVSS 7.8 HIGH]

Memory Corruption Ar8031 Firmware Csra6620 Firmware +140
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy