{"id":20748,"date":"2025-10-08T22:28:22","date_gmt":"2025-10-08T22:28:22","guid":{"rendered":"http:\/\/localhost\/?p=20748"},"modified":"2025-10-08T22:28:22","modified_gmt":"2025-10-08T22:28:22","slug":"improper-input-validation-in-tz-firmware","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=20748","title":{"rendered":"Improper Input Validation in TZ Firmware_CVE-2025-27040"},"content":{"rendered":"

{“lastseen”:””,”description”:”Information disclosure may occur while processing the hypervisor log.”,”published”:”2025-10-09T03:17:54.304Z”,”modified”:”2025-10-09T03:17:54.304Z”,”type”:”cve”,”title”:”Improper Input Validation in TZ Firmware”,”source”:”qualcomm”,”references”:”https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2025-bulletin.html”,”id”:”CVE-2025-27040″,”bulletinFamily”:””,”cwe”:[“CWE-20″],”cvelist”:null,”sourceData”:”Qualcomm, Inc. Snapdragon CSR8811\\nQualcomm, Inc. Snapdragon Immersive Home 214 Platform\\nQualcomm, Inc. Snapdragon Immersive Home 216 Platform\\nQualcomm, Inc. Snapdragon Immersive Home 316 Platform\\nQualcomm, Inc. Snapdragon Immersive Home 318 Platform\\nQualcomm, Inc. Snapdragon IPQ5010\\nQualcomm, Inc. Snapdragon IPQ5028\\nQualcomm, Inc. Snapdragon IPQ8070\\nQualcomm, Inc. Snapdragon IPQ8070A\\nQualcomm, Inc. Snapdragon IPQ8071\\nQualcomm, Inc. Snapdragon IPQ8071A\\nQualcomm, Inc. Snapdragon IPQ8072\\nQualcomm, Inc. Snapdragon IPQ8072A\\nQualcomm, Inc. Snapdragon IPQ8074\\nQualcomm, Inc. Snapdragon IPQ8074A\\nQualcomm, Inc. Snapdragon IPQ8076\\nQualcomm, Inc. Snapdragon IPQ8076A\\nQualcomm, Inc. Snapdragon IPQ8078\\nQualcomm, Inc. Snapdragon IPQ8078A\\nQualcomm, Inc. Snapdragon IPQ8173\\nQualcomm, Inc. Snapdragon IPQ8174\\nQualcomm, Inc. Snapdragon IPQ9008\\nQualcomm, Inc. Snapdragon IPQ9574\\nQualcomm, Inc. Snapdragon PMP8074\\nQualcomm, Inc. Snapdragon QCA4024\\nQualcomm, Inc. Snapdragon QCA6428\\nQualcomm, Inc. Snapdragon QCA6438\\nQualcomm, Inc. Snapdragon QCA6694\\nQualcomm, Inc. Snapdragon QCA8072\\nQualcomm, Inc. Snapdragon QCA8075\\nQualcomm, Inc. Snapdragon QCA8081\\nQualcomm, Inc. Snapdragon QCA9888\\nQualcomm, Inc. Snapdragon QCA9889\\nQualcomm, Inc. Snapdragon QCA9984\\nQualcomm, Inc. Snapdragon QCN5022\\nQualcomm, Inc. Snapdragon QCN5024\\nQualcomm, Inc. Snapdragon QCN5052\\nQualcomm, Inc. Snapdragon QCN5054\\nQualcomm, Inc. Snapdragon QCN5064\\nQualcomm, Inc. Snapdragon QCN5122\\nQualcomm, Inc. Snapdragon QCN5124\\nQualcomm, Inc. Snapdragon QCN5152\\nQualcomm, Inc. Snapdragon QCN5154\\nQualcomm, Inc. Snapdragon QCN5164\\nQualcomm, Inc. Snapdragon QCN5550\\nQualcomm, Inc. Snapdragon QCN6023\\nQualcomm, Inc. Snapdragon QCN6024\\nQualcomm, Inc. Snapdragon QCN6100\\nQualcomm, Inc. Snapdragon QCN6102\\nQualcomm, Inc. Snapdragon QCN6112\\nQualcomm, Inc. Snapdragon QCN6122\\nQualcomm, Inc. Snapdragon QCN6132\\nQualcomm, Inc. Snapdragon QCN9000\\nQualcomm, Inc. Snapdragon QCN9001\\nQualcomm, Inc. Snapdragon QCN9002\\nQualcomm, Inc. Snapdragon QCN9003\\nQualcomm, Inc. Snapdragon QCN9012\\nQualcomm, Inc. Snapdragon QCN9022\\nQualcomm, Inc. Snapdragon QCN9024\\nQualcomm, Inc. Snapdragon QCN9070\\nQualcomm, Inc. Snapdragon QCN9072\\nQualcomm, Inc. Snapdragon QCN9074\\nQualcomm, Inc. Snapdragon QCN9100\\nQualcomm, Inc. Snapdragon QCN9274\\nQualcomm, Inc. Snapdragon SDX55″,”sourceHref”:””,”cvss”:{“score”:6.5,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Snapdragon”,”version”:”CSR8811″,”vendor”:”Qualcomm, Inc.”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”Information disclosure may occur while processing the hypervisor log.”,”published”:”2025-10-09T03:17:54.304Z”,”modified”:”2025-10-09T03:17:54.304Z”,”type”:”cve”,”title”:”Improper Input Validation in TZ Firmware”,”source”:”qualcomm”,”references”:”https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2025-bulletin.html”,”id”:”CVE-2025-27040″,”bulletinFamily”:””,”cwe”:[“CWE-20″],”cvelist”:null,”sourceData”:”Qualcomm, Inc. Snapdragon CSR8811\\nQualcomm, Inc. Snapdragon Immersive Home 214 Platform\\nQualcomm, Inc. Snapdragon…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,26,12,21,13,7,11,5],"class_list":["post-20748","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-65","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nImproper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=20748\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Improper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”Information disclosure may occur while processing the hypervisor log.”,”published”:”2025-10-09T03:17:54.304Z”,”modified”:”2025-10-09T03:17:54.304Z”,”type”:”cve”,”title”:”Improper Input Validation in TZ Firmware”,”source”:”qualcomm”,”references”:”https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2025-bulletin.html”,”id”:”CVE-2025-27040″,”bulletinFamily”:””,”cwe”:[“CWE-20″],”cvelist”:null,”sourceData”:”Qualcomm, Inc. Snapdragon CSR8811nQualcomm, Inc. Snapdragon Immersive Home 214 PlatformnQualcomm, Inc. Snapdragon...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=20748\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-08T22:28:22+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Improper Input Validation in TZ Firmware_CVE-2025-27040\",\"datePublished\":\"2025-10-08T22:28:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748\"},\"wordCount\":410,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-6.5\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20748#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748\",\"name\":\"Improper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-10-08T22:28:22+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20748\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20748#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Improper Input Validation in TZ Firmware_CVE-2025-27040\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Improper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=20748","og_locale":"en_US","og_type":"article","og_title":"Improper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem","og_description":"{“lastseen”:””,”description”:”Information disclosure may occur while processing the hypervisor log.”,”published”:”2025-10-09T03:17:54.304Z”,”modified”:”2025-10-09T03:17:54.304Z”,”type”:”cve”,”title”:”Improper Input Validation in TZ Firmware”,”source”:”qualcomm”,”references”:”https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2025-bulletin.html”,”id”:”CVE-2025-27040″,”bulletinFamily”:””,”cwe”:[“CWE-20″],”cvelist”:null,”sourceData”:”Qualcomm, Inc. Snapdragon CSR8811nQualcomm, Inc. Snapdragon Immersive Home 214 PlatformnQualcomm, Inc. Snapdragon...","og_url":"https:\/\/zero.redgem.net\/?p=20748","og_site_name":"zero redgem","article_published_time":"2025-10-08T22:28:22+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=20748#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=20748"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Improper Input Validation in TZ Firmware_CVE-2025-27040","datePublished":"2025-10-08T22:28:22+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=20748"},"wordCount":410,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-6.5","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=20748#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=20748","url":"https:\/\/zero.redgem.net\/?p=20748","name":"Improper Input Validation in TZ Firmware_CVE-2025-27040 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-10-08T22:28:22+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=20748#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=20748"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=20748#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Improper Input Validation in TZ Firmware_CVE-2025-27040"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=20748"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20748\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=20748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=20748"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=20748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}