We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-21460

Improper Input Validation in Automotive Software platform based on QNX



Description

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.

Reserved 2024-12-18 | Published 2025-05-06 | Updated 2025-05-07 | Assigner qualcomm


HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

QAM8255P
affected

QAM8295P
affected

QAM8620P
affected

QAM8650P
affected

QAM8775P
affected

QAMSRV1H
affected

QAMSRV1M
affected

QCA6574A
affected

QCA6574AU
affected

QCA6595
affected

QCA6595AU
affected

QCA6688AQ
affected

QCA6696
affected

QCA6698AQ
affected

SA6145P
affected

SA6150P
affected

SA6155
affected

SA6155P
affected

SA7255P
affected

SA7775P
affected

SA8145P
affected

SA8150P
affected

SA8155
affected

SA8155P
affected

SA8195P
affected

SA8255P
affected

SA8295P
affected

SA8540P
affected

SA8620P
affected

SA8650P
affected

SA8770P
affected

SA8775P
affected

SA9000P
affected

SRV1H
affected

SRV1L
affected

SRV1M
affected

References

docs.qualcomm.com/...securitybulletin/may-2025-bulletin.html

cve.org (CVE-2025-21460)

nvd.nist.gov (CVE-2025-21460)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-21460

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.