CVE-2025-21486
HIGHDescription
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Is your site exposed to CVE-2025-21486?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | fastconnect_6900_firmware |
| qualcomm | fastconnect_6900 |
| qualcomm | fastconnect_7800_firmware |
| qualcomm | fastconnect_7800 |
| qualcomm | qmp1000_firmware |
| qualcomm | qmp1000 |
| qualcomm | sm8735_firmware |
| qualcomm | sm8735 |
| qualcomm | sm8750_firmware |
| qualcomm | sm8750 |
| qualcomm | sm8750p_firmware |
| qualcomm | sm8750p |
| qualcomm | snapdragon_w5\+_gen_1_wearable_platform_firmware |
| qualcomm | snapdragon_w5\+_gen_1_wearable_platform |
| qualcomm | sw5100_firmware |
| qualcomm | sw5100 |
| qualcomm | sw5100p_firmware |
| qualcomm | sw5100p |
| qualcomm | sxr2230p_firmware |
| qualcomm | sxr2230p |
| qualcomm | sxr2250p_firmware |
| qualcomm | sxr2250p |
| qualcomm | sxr2330p_firmware |
| qualcomm | sxr2330p |
| qualcomm | wcd9378_firmware |
| qualcomm | wcd9378 |
| qualcomm | wcd9380_firmware |
| qualcomm | wcd9380 |
| qualcomm | wcd9385_firmware |
| qualcomm | wcd9385 |
| qualcomm | wcd9395_firmware |
| qualcomm | wcd9395 |
| qualcomm | wcn3660b_firmware |
| qualcomm | wcn3660b |
| qualcomm | wcn3680b_firmware |
| qualcomm | wcn3680b |
| qualcomm | wcn3980_firmware |
| qualcomm | wcn3980 |
| qualcomm | wcn3988_firmware |
| qualcomm | wcn3988 |
| qualcomm | wcn7750_firmware |
| qualcomm | wcn7750 |
| qualcomm | wcn7860_firmware |
| qualcomm | wcn7860 |
| qualcomm | wcn7861_firmware |
| qualcomm | wcn7861 |
| qualcomm | wcn7880_firmware |
| qualcomm | wcn7880 |
| qualcomm | wcn7881_firmware |
| qualcomm | wcn7881 |
| qualcomm | wsa8830_firmware |
| qualcomm | wsa8830 |
| qualcomm | wsa8832_firmware |
| qualcomm | wsa8832 |
| qualcomm | wsa8835_firmware |
| qualcomm | wsa8835 |
| qualcomm | wsa8840_firmware |
| qualcomm | wsa8840 |
| qualcomm | wsa8845_firmware |
| qualcomm | wsa8845 |
| qualcomm | wsa8845h_firmware |
| qualcomm | wsa8845h |
References
Frequently Asked Questions
What is CVE-2025-21486? +
How severe is CVE-2025-21486? +
What products are affected by CVE-2025-21486? +
How do I check if I'm vulnerable to CVE-2025-21486? +
Related Vulnerabilities
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local …
Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow …
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM …
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before …
Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.