CVE 8.8 HIGH

Buffer Copy Without Checking Size of Input in Secure Processor_CVE-2026-25277

June 1, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

Memory corruption while using Strongbox due to buffer overflow.

AI Analysis

Buffer copy without checking size of input in secure processor, leading to memory corruption due to buffer overflow.

Basic Information

ID CVE-2026-25277

Source qualcomm

Published Jun 1, 2026 at 22:05

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8 Elite, Snapdragon 8 Elite Gen 5

Affected Versions Qualcomm, Inc. Snapdragon Snapdragon 8 Gen 2 Mobile Platform
Qualcomm, Inc. Snapdragon Snapdragon 8+ Gen 2 Mobile Platform
Qualcomm, Inc. Snapdragon Snapdragon 8 Gen 3 Mobile Platform
Qualcomm, Inc. Snapdragon Snapdragon 8 Elite
Qualcomm, Inc. Snapdragon Snapdragon 8 Elite Gen 5

CWE Classification

CWE-120

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Qualcomm

Product Snapdragon

Version Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8 Elite, Snapdragon 8 Elite Gen 5

References

docs.qualcomm.com /product/publicresources/securitybulletin/june-2026-bulletin.html

{
    "lastseen": "",
    "description": "Memory corruption while using Strongbox due to buffer overflow.",
    "published": "2026-06-01T22:05:49.656Z",
    "modified": "2026-06-01T22:05:49.656Z",
    "type": "cve",
    "title": "Buffer Copy Without Checking Size of Input in Secure Processor",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html",
    "id": "CVE-2026-25277",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon Snapdragon 8 Gen 2 Mobile Platform\nQualcomm, Inc. Snapdragon Snapdragon 8+ Gen 2 Mobile Platform\nQualcomm, Inc. Snapdragon Snapdragon 8 Gen 3 Mobile Platform\nQualcomm, Inc. Snapdragon Snapdragon 8 Elite\nQualcomm, Inc. Snapdragon Snapdragon 8 Elite Gen 5",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8 Elite, Snapdragon 8 Elite Gen 5",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "Buffer copy without checking size of input in secure processor, leading to memory corruption due to buffer overflow.",
    "ai_severity": "High",
    "ai_vendor": "Qualcomm",
    "ai_product": "Snapdragon",
    "ai_version": "Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8 Elite, Snapdragon 8 Elite Gen 5",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply