Buffer Over-read in Video_CVE-2025-27036

6.1 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Description

Information disclosure when Video engine escape input data is less than expected minimum size.

Basic Information

ID CVE-2025-27036

Source qualcomm

Published Sep 24, 2025 at 15:33

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version FastConnect 6700

Affected Versions Qualcomm, Inc. Snapdragon FastConnect 6700
Qualcomm, Inc. Snapdragon FastConnect 6900
Qualcomm, Inc. Snapdragon FastConnect 7800
Qualcomm, Inc. Snapdragon QCM5430
Qualcomm, Inc. Snapdragon QCM6490
Qualcomm, Inc. Snapdragon QCS5430
Qualcomm, Inc. Snapdragon QCS6490
Qualcomm, Inc. Snapdragon Qualcomm Video Collaboration VC3 Platform
Qualcomm, Inc. Snapdragon SC8380XP
Qualcomm, Inc. Snapdragon Snapdragon 7c+ Gen 3 Compute
Qualcomm, Inc. Snapdragon Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)
Qualcomm, Inc. Snapdragon WCD9370
Qualcomm, Inc. Snapdragon WCD9375
Qualcomm, Inc. Snapdragon WCD9380
Qualcomm, Inc. Snapdragon WCD9385
Qualcomm, Inc. Snapdragon WSA8830
Qualcomm, Inc. Snapdragon WSA8835
Qualcomm, Inc. Snapdragon WSA8840
Qualcomm, Inc. Snapdragon WSA8845
Qualcomm, Inc. Snapdragon WSA8845H

CWE Classification

CWE-126

References

docs.qualcomm.com /product/publicresources/securitybulletin/september-2025-bulletin.html

{
    "lastseen": "",
    "description": "Information disclosure when Video engine escape input data is less than expected minimum size.",
    "published": "2025-09-24T15:33:42.243Z",
    "modified": "2025-09-24T15:33:42.243Z",
    "type": "cve",
    "title": "Buffer Over-read in Video",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html",
    "id": "CVE-2025-27036",
    "bulletinFamily": "",
    "cwe": [
        "CWE-126"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon FastConnect 6700\nQualcomm, Inc. Snapdragon FastConnect 6900\nQualcomm, Inc. Snapdragon FastConnect 7800\nQualcomm, Inc. Snapdragon QCM5430\nQualcomm, Inc. Snapdragon QCM6490\nQualcomm, Inc. Snapdragon QCS5430\nQualcomm, Inc. Snapdragon QCS6490\nQualcomm, Inc. Snapdragon Qualcomm Video Collaboration VC3 Platform\nQualcomm, Inc. Snapdragon SC8380XP\nQualcomm, Inc. Snapdragon Snapdragon 7c+ Gen 3 Compute\nQualcomm, Inc. Snapdragon Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)\nQualcomm, Inc. Snapdragon WCD9370\nQualcomm, Inc. Snapdragon WCD9375\nQualcomm, Inc. Snapdragon WCD9380\nQualcomm, Inc. Snapdragon WCD9385\nQualcomm, Inc. Snapdragon WSA8830\nQualcomm, Inc. Snapdragon WSA8835\nQualcomm, Inc. Snapdragon WSA8840\nQualcomm, Inc. Snapdragon WSA8845\nQualcomm, Inc. Snapdragon WSA8845H",
    "sourceHref": "",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "FastConnect 6700",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}