This vulnerability (CVE-2026-25293) affects the Qualcomm Snapdragon QCA7005 platform and is classified as CWE-863 (Incorrect Authorization). It arises from a buffer overflow condition in the PLC firmware due to improper authorization checks. The CVSS 3.1 base score is 9.6, reflecting an attack vector requiring adjacent network access with no privileges or user interaction, but resulting in complete compromise of confidentiality, integrity, and availability. The vendor has published the vulnerability but has not provided a remediation level or patch information. The vulnerability is not related to a cloud service and no known exploits have been reported.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, escalate privileges, or cause denial of service on affected Qualcomm Snapdragon QCA7005 devices. The impact affects confidentiality, integrity, and availability at a critical level. However, no active exploitation has been observed so far.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation is currently documented, users and administrators should monitor Qualcomm's advisories for updates. Until a patch is available, restricting access to the affected device's adjacent network interfaces may reduce exposure.