CVE-2025-21484 is a high-severity buffer over-read vulnerability (CWE-126) affecting a broad range of Qualcomm Snapdragon platforms and associated wireless connectivity modules. The vulnerability arises during the processing of RTP (Real-time Transport Protocol) packets received by the User Equipment (UE). Specifically, when the UE decodes and reassembles fragments from RTP packets, improper bounds checking leads to a buffer over-read condition. This flaw allows an attacker to cause information disclosure by reading memory beyond the intended buffer boundaries. The vulnerability affects numerous Snapdragon SoCs, mobile platforms, modem-RF systems, wearable platforms, automotive platforms, and wireless connectivity chips, spanning many generations and product lines. The CVSS v3.1 base score is 8.2 (high), with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), no integrity impact (I:N), and low availability impact (A:L). This indicates that exploitation can be performed remotely without authentication or user interaction, potentially leaking sensitive memory contents from affected devices. No known exploits are reported in the wild yet, and no patches or mitigations have been linked in the provided data. The vulnerability's root cause is a classic buffer over-read during RTP packet fragment reassembly, which is critical for real-time media streaming and communication services on mobile devices. Given the extensive list of affected Qualcomm products, this vulnerability poses a significant risk to a wide range of consumer and enterprise devices relying on Snapdragon chipsets for cellular and wireless connectivity.

For European organizations, the impact of CVE-2025-21484 is substantial due to the widespread use of Qualcomm Snapdragon chipsets in smartphones, tablets, IoT devices, automotive systems, and wearable technology. Confidentiality is the primary concern, as the buffer over-read can lead to unauthorized disclosure of sensitive information residing in memory, potentially including cryptographic keys, user data, or other protected information. This could facilitate further targeted attacks, espionage, or data leakage. The vulnerability does not directly affect integrity but has a low impact on availability, meaning devices may experience minor disruptions but are unlikely to be rendered inoperable. European enterprises relying on mobile communications for critical operations, remote work, or secure communications could face increased risks of data breaches or interception. Additionally, sectors such as automotive, healthcare, and industrial IoT that integrate Snapdragon platforms may be exposed to information leakage, raising compliance and safety concerns. The lack of required privileges or user interaction for exploitation increases the threat level, as attackers can remotely target vulnerable devices over the network. Although no exploits are currently known in the wild, the high CVSS score and broad product impact necessitate urgent attention from European organizations to assess and mitigate risks.

1. Immediate inventory and identification of all devices and systems using affected Qualcomm Snapdragon platforms within the organization, including mobile devices, IoT endpoints, automotive systems, and wireless modules. 2. Monitor Qualcomm's official security advisories and vendor updates for patches or firmware updates addressing CVE-2025-21484. Deploy patches promptly once available. 3. Employ network-level protections such as RTP packet filtering, anomaly detection, and intrusion prevention systems to detect and block malformed or suspicious RTP traffic that could exploit the vulnerability. 4. For enterprise mobile device management (MDM), enforce strict update policies and restrict installation of untrusted applications that might facilitate exploitation. 5. Implement network segmentation and zero-trust principles to limit exposure of vulnerable devices to untrusted networks or external attackers. 6. Conduct security awareness training for staff to recognize potential signs of exploitation or unusual device behavior. 7. Collaborate with device manufacturers and service providers to ensure timely updates and coordinated vulnerability response. 8. Consider deploying endpoint detection and response (EDR) tools capable of identifying anomalous memory access patterns or RTP stream manipulations. 9. For critical infrastructure and automotive deployments, perform rigorous security testing and validation of firmware updates to prevent exploitation. These measures go beyond generic advice by focusing on proactive identification, network-level controls specific to RTP traffic, and coordination with vendors for patch management.