Strix
26.1K

CVE-2025-21441

HIGHCVSS 7.8/10EPSS 0.09%

Last modified

CVE-2025-21441 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.. EPSS estimates a 0.09% chance of exploitation in the next 30 days.

Description

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Metrics

CVSS 3.1
7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.09%

0.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
QualcommFastconnect 7800 FirmwareAll versions
QualcommQca1062 FirmwareAll versions
QualcommQca1064 FirmwareAll versions
QualcommQca2062 FirmwareAll versions
QualcommQca2064 FirmwareAll versions
QualcommQca2065 FirmwareAll versions
QualcommQca2066 FirmwareAll versions
QualcommQca6391 FirmwareAll versions
QualcommQca6420 FirmwareAll versions
QualcommQca6430 FirmwareAll versions
QualcommQcc2073 FirmwareAll versions
QualcommQcc2076 FirmwareAll versions
QualcommQcm5430 FirmwareAll versions
QualcommQcm6490 FirmwareAll versions
QualcommQcs5430 FirmwareAll versions
QualcommQcs6490 FirmwareAll versions
QualcommVideo Collaboration Vc3 Platform FirmwareAll versions
QualcommSc8180x\+Sdx55 FirmwareAll versions
QualcommSc8380xp FirmwareAll versions
QualcommSm6250 FirmwareAll versions
QualcommSnapdragon 7c Compute Platform \(Sc7180-Ac\) FirmwareAll versions
QualcommSnapdragon 7c Gen 2 Compute Platform \(Sc7180-Ad\) \"Rennell Pro\" FirmwareAll versions
QualcommSnapdragon 7c\+ Gen 3 Compute FirmwareAll versions
QualcommSnapdragon 8c Compute Platform \(Sc8180x-Ad\) FirmwareAll versions
QualcommSnapdragon 8c Compute Platform \(Sc8180xp-Ad\) FirmwareAll versions
QualcommSnapdragon 8cx Compute Platform \(Sc8180x-Aa\) FirmwareAll versions
QualcommSnapdragon 8cx Compute Platform \(Sc8180x-Ab\) FirmwareAll versions
QualcommSnapdragon 8cx Compute Platform \(Sc8180xp-Ac\) FirmwareAll versions
QualcommSnapdragon 8cx Compute Platform \(Sc8180xp-Af\) FirmwareAll versions
QualcommSnapdragon 8cx Gen 2 5g Compute Platform \(Sc8180x-Ac\) FirmwareAll versions
QualcommSnapdragon 8cx Gen 2 5g Compute Platform \(Sc8180x-Af\) FirmwareAll versions
QualcommSnapdragon 8cx Gen 2 5g Compute Platform \(Sc8180xp-Aa\) FirmwareAll versions
QualcommSnapdragon 8cx Gen 2 5g Compute Platform \(Sc8180xp-Ab\) FirmwareAll versions
QualcommWcd9340 FirmwareAll versions
QualcommWcd9341 FirmwareAll versions
QualcommWcd9370 FirmwareAll versions
QualcommWcd9375 FirmwareAll versions
QualcommAqt1000 FirmwareAll versions
QualcommFastconnect 6200 FirmwareAll versions
QualcommFastconnect 6700 FirmwareAll versions
QualcommFastconnect 6800 FirmwareAll versions
QualcommFastconnect 6900 FirmwareAll versions
QualcommWcd9380 FirmwareAll versions
QualcommWcd9385 FirmwareAll versions
QualcommWsa8810 FirmwareAll versions
QualcommWsa8815 FirmwareAll versions
QualcommWsa8840 FirmwareAll versions
QualcommWsa8845 FirmwareAll versions
QualcommWsa8845h FirmwareAll versions

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-21441?
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
How severe is CVE-2025-21441?
CVE-2025-21441 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.09% probability of exploitation in the next 30 days.
How do I fix CVE-2025-21441?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-21441?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST