This vulnerability (CVE-2025-59609) involves a buffer over-read (CWE-126) in Qualcomm Snapdragon devices when handling malformed MBSSID elements in advertisement frames that are shorter than expected. This flaw can cause information disclosure by reading beyond the intended buffer boundaries. The issue impacts numerous Qualcomm Snapdragon platforms and associated hardware components. The CVSS 3.1 base score is 5.5, indicating medium severity, with network attack vector, high attack complexity, low privileges required, user interaction needed, and partial impact on confidentiality, integrity, and availability. No official patch or remediation guidance has been published by Qualcomm as of the data provided.

Successful exploitation may lead to partial information disclosure due to buffer over-read when processing malformed MBSSID elements in advertisement frames. The impact includes limited confidentiality, integrity, and availability effects. The vulnerability requires network access, user interaction, and has high attack complexity, reducing the likelihood of widespread exploitation. No known exploits in the wild have been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, monitor vendor communications for updates. No specific mitigations or workarounds are provided in the available data.