Use of Out-of-range Pointer Offset in TZ Firmware_CVE-2025-27059

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

Memory corruption while performing SCM call.

Basic Information

ID CVE-2025-27059

Source qualcomm

Published Oct 9, 2025 at 03:18

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version Immersive Home 214 Platform

Affected Versions Qualcomm, Inc. Snapdragon Immersive Home 214 Platform
Qualcomm, Inc. Snapdragon Immersive Home 216 Platform
Qualcomm, Inc. Snapdragon Immersive Home 316 Platform
Qualcomm, Inc. Snapdragon Immersive Home 318 Platform
Qualcomm, Inc. Snapdragon IPQ5010
Qualcomm, Inc. Snapdragon IPQ5028
Qualcomm, Inc. Snapdragon QCN6023
Qualcomm, Inc. Snapdragon QCN6024
Qualcomm, Inc. Snapdragon QCN6100
Qualcomm, Inc. Snapdragon QCN6102
Qualcomm, Inc. Snapdragon QCN6112
Qualcomm, Inc. Snapdragon QCN6122
Qualcomm, Inc. Snapdragon QCN6132
Qualcomm, Inc. Snapdragon QCN9000
Qualcomm, Inc. Snapdragon QCN9001
Qualcomm, Inc. Snapdragon QCN9002
Qualcomm, Inc. Snapdragon QCN9003
Qualcomm, Inc. Snapdragon QCN9012
Qualcomm, Inc. Snapdragon QCN9022
Qualcomm, Inc. Snapdragon QCN9024
Qualcomm, Inc. Snapdragon QCN9070
Qualcomm, Inc. Snapdragon QCN9072
Qualcomm, Inc. Snapdragon QCN9074
Qualcomm, Inc. Snapdragon QCN9100
Qualcomm, Inc. Snapdragon QCN9274

CWE Classification

CWE-823

References

docs.qualcomm.com /product/publicresources/securitybulletin/october-2025-bulletin.html

{
    "lastseen": "",
    "description": "Memory corruption while performing SCM call.",
    "published": "2025-10-09T03:18:04.840Z",
    "modified": "2025-10-09T03:18:04.840Z",
    "type": "cve",
    "title": "Use of Out-of-range Pointer Offset in TZ Firmware",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html",
    "id": "CVE-2025-27059",
    "bulletinFamily": "",
    "cwe": [
        "CWE-823"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon Immersive Home 214 Platform\nQualcomm, Inc. Snapdragon Immersive Home 216 Platform\nQualcomm, Inc. Snapdragon Immersive Home 316 Platform\nQualcomm, Inc. Snapdragon Immersive Home 318 Platform\nQualcomm, Inc. Snapdragon IPQ5010\nQualcomm, Inc. Snapdragon IPQ5028\nQualcomm, Inc. Snapdragon QCN6023\nQualcomm, Inc. Snapdragon QCN6024\nQualcomm, Inc. Snapdragon QCN6100\nQualcomm, Inc. Snapdragon QCN6102\nQualcomm, Inc. Snapdragon QCN6112\nQualcomm, Inc. Snapdragon QCN6122\nQualcomm, Inc. Snapdragon QCN6132\nQualcomm, Inc. Snapdragon QCN9000\nQualcomm, Inc. Snapdragon QCN9001\nQualcomm, Inc. Snapdragon QCN9002\nQualcomm, Inc. Snapdragon QCN9003\nQualcomm, Inc. Snapdragon QCN9012\nQualcomm, Inc. Snapdragon QCN9022\nQualcomm, Inc. Snapdragon QCN9024\nQualcomm, Inc. Snapdragon QCN9070\nQualcomm, Inc. Snapdragon QCN9072\nQualcomm, Inc. Snapdragon QCN9074\nQualcomm, Inc. Snapdragon QCN9100\nQualcomm, Inc. Snapdragon QCN9274",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "Immersive Home 214 Platform",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}