CVE-2025-21476
HIGHDescription
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
Is your site exposed to CVE-2025-21476?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | qcs6490_firmware |
| qualcomm | qcs6490 |
| qualcomm | qcs8550_firmware |
| qualcomm | qcs8550 |
| qualcomm | qcs9100_firmware |
| qualcomm | qcs9100 |
| qualcomm | sg8275_firmware |
| qualcomm | sg8275 |
| qualcomm | sg8275p_firmware |
| qualcomm | sg8275p |
| qualcomm | sm6650_firmware |
| qualcomm | sm6650 |
| qualcomm | sm7635_firmware |
| qualcomm | sm7635 |
| qualcomm | sm7675_firmware |
| qualcomm | sm7675 |
| qualcomm | sm7675p_firmware |
| qualcomm | sm7675p |
| qualcomm | sm8550_firmware |
| qualcomm | sm8550 |
| qualcomm | sm8550p_firmware |
| qualcomm | sm8550p |
| qualcomm | sm8635_firmware |
| qualcomm | sm8635 |
| qualcomm | sm8635p_firmware |
| qualcomm | sm8635p |
| qualcomm | sm8650_firmware |
| qualcomm | sm8650 |
| qualcomm | sm8650p_firmware |
| qualcomm | sm8650p |
| qualcomm | sm8650q_firmware |
| qualcomm | sm8650q |
| qualcomm | sm8750_firmware |
| qualcomm | sm8750 |
| qualcomm | sm8750p_firmware |
| qualcomm | sm8750p |
| qualcomm | sxr2330p_firmware |
| qualcomm | sxr2330p |
| qualcomm | qca6391_firmware |
| qualcomm | qca6391 |
| qualcomm | qca6698aq_firmware |
| qualcomm | qca6698aq |
| qualcomm | qcn9011_firmware |
| qualcomm | qcn9011 |
| qualcomm | qcn9012_firmware |
| qualcomm | qcn9012 |
| qualcomm | qcn9274_firmware |
| qualcomm | qcn9274 |
| qualcomm | wcn3910_firmware |
| qualcomm | wcn3910 |
| qualcomm | wcn3950_firmware |
| qualcomm | wcn3950 |
| qualcomm | wcn6650_firmware |
| qualcomm | wcn6650 |
| qualcomm | wcn6750_firmware |
| qualcomm | wcn6750 |
| qualcomm | wcn6755_firmware |
| qualcomm | wcn6755 |
| qualcomm | wcn6855_firmware |
| qualcomm | wcn6855 |
| qualcomm | wcn6856_firmware |
| qualcomm | wcn6856 |
| qualcomm | wcn7850_firmware |
| qualcomm | wcn7850 |
| qualcomm | wcn7851_firmware |
| qualcomm | wcn7851 |
| qualcomm | wcn7860_firmware |
| qualcomm | wcn7860 |
| qualcomm | wcn7861_firmware |
| qualcomm | wcn7861 |
| qualcomm | wcn7880_firmware |
| qualcomm | wcn7880 |
| qualcomm | wcn7881_firmware |
| qualcomm | wcn7881 |
| qualcomm | qcm5430_firmware |
| qualcomm | qcm5430 |
| qualcomm | qcm6490_firmware |
| qualcomm | qcm6490 |
| qualcomm | qcm8550_firmware |
| qualcomm | qcm8550 |
| qualcomm | qcs5430_firmware |
| qualcomm | qcs5430 |
| qualcomm | qcs615_firmware |
| qualcomm | qcs615 |
References
Frequently Asked Questions
What is CVE-2025-21476? +
How severe is CVE-2025-21476? +
What products are affected by CVE-2025-21476? +
How do I check if I'm vulnerable to CVE-2025-21476? +
Related Vulnerabilities
zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain …
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM …
An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and …
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” …
A vulnerability has been found in TP-Link TL-WR940N V4 and TL-WR841N V11. Affected by this issue is some unknown functionality …
Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer …