CVE 5.5 MEDIUM

Leftover Debug Code in Secure Element_CVE-2025-21472

August 6, 2025 invoker category_cve
5.5 / 10
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

Information disclosure while capturing logs as eSE debug messages are logged.

AI Analysis

This vulnerability involves information disclosure due to leftover debug code in the secure element, which logs sensitive data.

Basic Information

ID CVE-2025-21472
Source qualcomm
Published Aug 6, 2025 at 07:25
Modified Aug 6, 2025 at 19:26

Affected Product

Vendor Qualcomm, Inc.
Product Snapdragon
Version FastConnect 6900
Affected Versions Qualcomm, Inc. Snapdragon FastConnect 6900
Qualcomm, Inc. Snapdragon FastConnect 7800
Qualcomm, Inc. Snapdragon QCA9367
Qualcomm, Inc. Snapdragon QCA9377
Qualcomm, Inc. Snapdragon QCS8550
Qualcomm, Inc. Snapdragon SA8530P
Qualcomm, Inc. Snapdragon SA8540P
Qualcomm, Inc. Snapdragon SA9000P
Qualcomm, Inc. Snapdragon Snapdragon 8 Gen 1 Mobile Platform
Qualcomm, Inc. Snapdragon WCD9380
Qualcomm, Inc. Snapdragon WSA8830
Qualcomm, Inc. Snapdragon WSA8835

CWE Classification

CWE-489

AI Assessment

AI Severity Medium
Vendor Qualcomm, Inc.
Product Snapdragon
Version FastConnect 6900, FastConnect 7800, QCA9367, QCA9377, QCS8550, SA8530P, SA8540P, SA9000P, Snapdragon 8 Gen 1 Mobile Platform, WCD9380, WSA8830, WSA8835

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.