Strix
26.1K

CVE-2025-21449

HIGHCVSS 7.5/10EPSS 0.20%

Last modified

CVE-2025-21449 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Transient DOS may occur while processing malformed length field in SSID IEs.. EPSS estimates a 0.20% chance of exploitation in the next 30 days.

Description

Transient DOS may occur while processing malformed length field in SSID IEs.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
0.20%

9.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
QualcommSm8635p FirmwareAll versions
QualcommSm8650q FirmwareAll versions
QualcommSm8735 FirmwareAll versions
QualcommSm8750 FirmwareAll versions
QualcommSm8750p FirmwareAll versions
QualcommSmart Audio 200 Platform FirmwareAll versions
QualcommSmart Audio 400 Platform FirmwareAll versions
QualcommSnapdragon 4 Gen 1 Mobile FirmwareAll versions
QualcommSnapdragon 4 Gen 2 Mobile FirmwareAll versions
QualcommSnapdragon 460 Mobile FirmwareAll versions
QualcommSnapdragon 480 5g Mobile FirmwareAll versions
QualcommSnapdragon 480\+ 5g Mobile FirmwareAll versions
QualcommSnapdragon 660 Mobile FirmwareAll versions
QualcommSnapdragon 662 Mobile FirmwareAll versions
QualcommSnapdragon 665 Mobile FirmwareAll versions
QualcommSnapdragon 670 Mobile FirmwareAll versions
QualcommSnapdragon 675 Mobile FirmwareAll versions
QualcommSnapdragon 678 Mobile FirmwareAll versions
QualcommSnapdragon 680 4g Mobile FirmwareAll versions
QualcommSnapdragon 685 4g Mobile FirmwareAll versions
QualcommSnapdragon 690 5g Mobile FirmwareAll versions
QualcommSnapdragon 695 5g Mobile FirmwareAll versions
QualcommSnapdragon 710 Mobile FirmwareAll versions
QualcommSnapdragon 712 Mobile FirmwareAll versions
QualcommSnapdragon 720g Mobile FirmwareAll versions
QualcommSnapdragon 730 Mobile FirmwareAll versions
QualcommSnapdragon 730g Mobile FirmwareAll versions
QualcommSnapdragon 732g Mobile FirmwareAll versions
QualcommSnapdragon 750g 5g Mobile FirmwareAll versions
QualcommSnapdragon 765 5g Mobile FirmwareAll versions
QualcommSnapdragon 765g 5g Mobile FirmwareAll versions
QualcommSnapdragon 768g 5g Mobile FirmwareAll versions
QualcommSnapdragon 778g 5g Mobile FirmwareAll versions
QualcommSnapdragon 778g\+ 5g Mobile FirmwareAll versions
QualcommSnapdragon 780g 5g Mobile FirmwareAll versions
QualcommSnapdragon 782g Mobile FirmwareAll versions
QualcommSnapdragon 7c Compute FirmwareAll versions
QualcommSc7180-Ad FirmwareAll versions
QualcommSnapdragon 7c\+ Gen 3 Compute FirmwareAll versions
QualcommSnapdragon 8 Gen 1 Mobile FirmwareAll versions
Qualcomm315 5g Iot FirmwareAll versions
QualcommApq8017 FirmwareAll versions
QualcommApq8064au FirmwareAll versions
QualcommAqt1000 FirmwareAll versions
QualcommAr8031 FirmwareAll versions
QualcommAr8035 FirmwareAll versions
QualcommAr9380 FirmwareAll versions
QualcommCsr8811 FirmwareAll versions
QualcommCsra6620 FirmwareAll versions
QualcommCsra6640 FirmwareAll versions

Showing 50 of 185 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-21449?
Transient DOS may occur while processing malformed length field in SSID IEs.
How severe is CVE-2025-21449?
CVE-2025-21449 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.20% probability of exploitation in the next 30 days.
How do I fix CVE-2025-21449?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-21449?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST