Skip to main content

CVE-2025-21444: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') in Qualcomm, Inc. Snapdragon

High
VulnerabilityCVE-2025-21444cvecve-2025-21444cwe-120
Published: Tue Jul 08 2025 (07/08/2025, 12:48:54 UTC)
Source: CVE Database V5
Vendor/Project: Qualcomm, Inc.
Product: Snapdragon

Description

Memory corruption while copying the result to the transmission queue in EMAC.

AI-Powered Analysis

AILast updated: 07/15/2025, 21:44:02 UTC

Technical Analysis

CVE-2025-21444 is a high-severity buffer overflow vulnerability classified under CWE-120, affecting multiple Qualcomm Snapdragon chipsets including models such as QAM8255P, SA9000P, and SRV1M among others. The vulnerability arises from improper handling of memory during the copying of data to the transmission queue in the EMAC (Ethernet Media Access Controller) component. Specifically, the flaw is a classic buffer overflow caused by copying data without verifying the size of the input buffer, leading to memory corruption. This can allow an attacker with limited privileges (local access with low privileges) to execute arbitrary code, cause denial of service, or escalate privileges due to the high impact on confidentiality, integrity, and availability. The CVSS v3.1 score of 7.8 reflects the vulnerability’s high severity, with attack vector being local (AV:L), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), and impacting confidentiality, integrity, and availability to a high degree (C:H/I:H/A:H). No known exploits have been reported in the wild yet, and no patches have been linked at the time of publication. The vulnerability affects a broad range of Snapdragon chipsets used in various embedded and mobile devices, potentially impacting network communications and device stability.

Potential Impact

For European organizations, the impact of CVE-2025-21444 could be significant, especially in sectors relying heavily on Qualcomm Snapdragon-based devices and embedded systems for critical communications infrastructure, industrial control systems, and mobile devices. The vulnerability’s exploitation could lead to unauthorized code execution, data breaches, or disruption of network services, undermining confidentiality, integrity, and availability of sensitive information and operational technology. Telecommunications providers, IoT device manufacturers, and enterprises deploying Snapdragon-powered equipment in Europe could face operational disruptions and increased risk of targeted attacks. The local attack vector implies that attackers need some level of access to the device, which could be achieved through compromised insiders, malware footholds, or physical access. Given the widespread use of Snapdragon chipsets in mobile and embedded devices, this vulnerability could also affect supply chain security and consumer privacy within European markets.

Mitigation Recommendations

To mitigate CVE-2025-21444, European organizations should: 1) Monitor Qualcomm’s official security advisories closely for patches or firmware updates addressing this vulnerability and prioritize their deployment across all affected devices. 2) Implement strict access controls and network segmentation to limit local access to devices running vulnerable Snapdragon chipsets, reducing the risk of exploitation. 3) Employ endpoint detection and response (EDR) solutions to detect anomalous behaviors indicative of exploitation attempts, such as unexpected memory corruption or transmission queue anomalies. 4) Conduct thorough inventory and asset management to identify all devices using affected Snapdragon models and assess their exposure. 5) For critical infrastructure, consider deploying additional network-level protections such as intrusion prevention systems (IPS) with signatures targeting exploitation techniques related to buffer overflows in EMAC components. 6) Educate staff on the risks of local privilege escalation vulnerabilities and enforce policies to minimize unauthorized physical or logical access to sensitive devices. 7) Collaborate with device vendors to ensure timely updates and verify the integrity of firmware images before deployment.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
qualcomm
Date Reserved
2024-12-18T09:50:08.922Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686d15066f40f0eb72f50f83

Added to database: 7/8/2025, 12:54:30 PM

Last enriched: 7/15/2025, 9:44:02 PM

Last updated: 8/8/2025, 10:34:21 PM

Views: 18

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats