Strix
26.1K

CVE-2025-21427

HIGHCVSS 8.2/10EPSS 0.20%

Last modified

CVE-2025-21427 is a high-severity vulnerability rated 8.2/10 on the CVSS scale. Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.. EPSS estimates a 0.20% chance of exploitation in the next 30 days.

Description

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Metrics

CVSS 3.1
8.2/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

EPSS Probability
0.20%

10.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
QualcommSm6250 FirmwareAll versions
QualcommSm6370 FirmwareAll versions
QualcommSm7315 FirmwareAll versions
QualcommSm7325p FirmwareAll versions
QualcommSm8550p FirmwareAll versions
QualcommSmart Display 200 Platform FirmwareAll versions
QualcommSnapdragon 210 FirmwareAll versions
QualcommSnapdragon 212 Mobile FirmwareAll versions
QualcommSnapdragon 4 Gen 1 Mobile FirmwareAll versions
QualcommSnapdragon 4 Gen 2 Mobile FirmwareAll versions
QualcommSnapdragon 429 Mobile FirmwareAll versions
QualcommSnapdragon 460 Mobile FirmwareAll versions
QualcommSnapdragon 480 5g Mobile FirmwareAll versions
QualcommSnapdragon 480\+ 5g Mobile FirmwareAll versions
QualcommSnapdragon 625 Mobile FirmwareAll versions
QualcommSnapdragon 626 Mobile FirmwareAll versions
QualcommSnapdragon 660 Mobile FirmwareAll versions
QualcommSnapdragon 662 Mobile FirmwareAll versions
QualcommSnapdragon 670 Mobile FirmwareAll versions
QualcommSnapdragon 675 Mobile FirmwareAll versions
QualcommSnapdragon 678 Mobile FirmwareAll versions
QualcommSnapdragon 680 4g Mobile FirmwareAll versions
QualcommSnapdragon 685 4g Mobile FirmwareAll versions
QualcommSnapdragon 695 5g Mobile FirmwareAll versions
QualcommSnapdragon 710 Mobile FirmwareAll versions
QualcommSnapdragon 720g Mobile FirmwareAll versions
QualcommSnapdragon 730 Mobile FirmwareAll versions
QualcommSnapdragon 730g Mobile FirmwareAll versions
QualcommSnapdragon 732g Mobile FirmwareAll versions
QualcommSnapdragon 778g 5g Mobile FirmwareAll versions
QualcommSnapdragon 778g\+ 5g Mobile FirmwareAll versions
QualcommSnapdragon 780g 5g Mobile FirmwareAll versions
QualcommSnapdragon 782g Mobile FirmwareAll versions
QualcommSnapdragon 7c\+ Gen 3 Compute FirmwareAll versions
QualcommSnapdragon 8 Gen 1 Mobile FirmwareAll versions
QualcommSnapdragon 8 Gen 2 Mobile FirmwareAll versions
QualcommSnapdragon 8 Gen 3 Mobile FirmwareAll versions
QualcommSnapdragon 8\+ Gen 1 Mobile FirmwareAll versions
QualcommSnapdragon 8\+ Gen 2 Mobile FirmwareAll versions
QualcommSnapdragon 820 Automotive FirmwareAll versions
QualcommApq8064au FirmwareAll versions
QualcommAqt1000 FirmwareAll versions
QualcommFastconnect 6200 FirmwareAll versions
QualcommFastconnect 6700 FirmwareAll versions
QualcommFastconnect 6800 FirmwareAll versions
QualcommFastconnect 6900 FirmwareAll versions
QualcommFastconnect 7800 FirmwareAll versions
QualcommMsm8996au FirmwareAll versions
QualcommQam8255p FirmwareAll versions
QualcommQam8295p FirmwareAll versions

Showing 50 of 179 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-21427?
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
How severe is CVE-2025-21427?
CVE-2025-21427 has a CVSS score of 8.2/10 (HIGH severity). The EPSS model estimates a 0.20% probability of exploitation in the next 30 days.
How do I fix CVE-2025-21427?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-21427?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST