CVE-2025-27065
HIGHDescription
Transient DOS while processing a frame with malformed shared-key descriptor.
Is your site exposed to CVE-2025-27065?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | ar8035_firmware |
| qualcomm | ar8035 |
| qualcomm | fastconnect_6800_firmware |
| qualcomm | fastconnect_6800 |
| qualcomm | fastconnect_6900_firmware |
| qualcomm | fastconnect_6900 |
| qualcomm | fastconnect_7800_firmware |
| qualcomm | fastconnect_7800 |
| qualcomm | immersive_home_3210_platform_firmware |
| qualcomm | immersive_home_3210_platform |
| qualcomm | immersive_home_326_platform_firmware |
| qualcomm | immersive_home_326_platform |
| qualcomm | ipq5300_firmware |
| qualcomm | ipq5300 |
| qualcomm | ipq5302_firmware |
| qualcomm | ipq5302 |
| qualcomm | ipq5312_firmware |
| qualcomm | ipq5312 |
| qualcomm | ipq5332_firmware |
| qualcomm | ipq5332 |
| qualcomm | ipq5424_firmware |
| qualcomm | ipq5424 |
| qualcomm | ipq9008_firmware |
| qualcomm | ipq9008 |
| qualcomm | ipq9048_firmware |
| qualcomm | ipq9048 |
| qualcomm | ipq9554_firmware |
| qualcomm | ipq9554 |
| qualcomm | ipq9570_firmware |
| qualcomm | ipq9570 |
| qualcomm | ipq9574_firmware |
| qualcomm | ipq9574 |
| qualcomm | qam8255p_firmware |
| qualcomm | qam8255p |
| qualcomm | qam8650p_firmware |
| qualcomm | qam8650p |
| qualcomm | qam8775p_firmware |
| qualcomm | qam8775p |
| qualcomm | qamsrv1h_firmware |
| qualcomm | qamsrv1h |
| qualcomm | qamsrv1m_firmware |
| qualcomm | qamsrv1m |
| qualcomm | qca0000_firmware |
| qualcomm | qca0000 |
| qualcomm | qca6391_firmware |
| qualcomm | qca6391 |
| qualcomm | qca6426_firmware |
| qualcomm | qca6426 |
| qualcomm | qca6436_firmware |
| qualcomm | qca6436 |
| qualcomm | qca6554a_firmware |
| qualcomm | qca6554a |
| qualcomm | qca6564au_firmware |
| qualcomm | qca6564au |
| qualcomm | qca6574_firmware |
| qualcomm | qca6574 |
| qualcomm | qca6574a_firmware |
| qualcomm | qca6574a |
| qualcomm | qca6574au_firmware |
| qualcomm | qca6574au |
| qualcomm | qca6584au_firmware |
| qualcomm | qca6584au |
| qualcomm | qca6595_firmware |
| qualcomm | qca6595 |
| qualcomm | qca6595au_firmware |
| qualcomm | qca6595au |
| qualcomm | qca6678aq_firmware |
| qualcomm | qca6678aq |
| qualcomm | qca6688aq_firmware |
| qualcomm | qca6688aq |
| qualcomm | qca6696_firmware |
| qualcomm | qca6696 |
| qualcomm | qca6698aq_firmware |
| qualcomm | qca6698aq |
| qualcomm | qca6777aq_firmware |
| qualcomm | qca6777aq |
| qualcomm | qca6787aq_firmware |
| qualcomm | qca6787aq |
| qualcomm | qca6797aq_firmware |
| qualcomm | qca6797aq |
| qualcomm | qca8075_firmware |
| qualcomm | qca8075 |
| qualcomm | qca8080_firmware |
| qualcomm | qca8080 |
| qualcomm | qca8081_firmware |
| qualcomm | qca8081 |
| qualcomm | qca8082_firmware |
| qualcomm | qca8082 |
| qualcomm | qca8084_firmware |
| qualcomm | qca8084 |
| qualcomm | qca8085_firmware |
| qualcomm | qca8085 |
| qualcomm | qca8101_firmware |
| qualcomm | qca8101 |
| qualcomm | qca8102_firmware |
| qualcomm | qca8102 |
| qualcomm | qca8111_firmware |
| qualcomm | qca8111 |
| qualcomm | qca8112_firmware |
| qualcomm | qca8112 |
| qualcomm | qca8337_firmware |
| qualcomm | qca8337 |
| qualcomm | qca8384_firmware |
| qualcomm | qca8384 |
| qualcomm | qca8385_firmware |
| qualcomm | qca8385 |
| qualcomm | qca8386_firmware |
| qualcomm | qca8386 |
| qualcomm | qcc2073_firmware |
| qualcomm | qcc2073 |
| qualcomm | qcc2076_firmware |
| qualcomm | qcc2076 |
| qualcomm | qcc710_firmware |
| qualcomm | qcc710 |
| qualcomm | qcf8000_firmware |
| qualcomm | qcf8000 |
| qualcomm | qcf8001_firmware |
| qualcomm | qcf8001 |
| qualcomm | qcm8550_firmware |
| qualcomm | qcm8550 |
| qualcomm | qcn5124_firmware |
| qualcomm | qcn5124 |
| qualcomm | qcn5224_firmware |
| qualcomm | qcn5224 |
| qualcomm | qcn6224_firmware |
| qualcomm | qcn6224 |
| qualcomm | qcn6274_firmware |
| qualcomm | qcn6274 |
| qualcomm | qcn6402_firmware |
| qualcomm | qcn6402 |
| qualcomm | qcn6412_firmware |
| qualcomm | qcn6412 |
| qualcomm | qcn6422_firmware |
| qualcomm | qcn6422 |
| qualcomm | qcn6432_firmware |
| qualcomm | qcn6432 |
| qualcomm | qcn9000_firmware |
| qualcomm | qcn9000 |
| qualcomm | qcn9011_firmware |
| qualcomm | qcn9011 |
| qualcomm | qcn9012_firmware |
| qualcomm | qcn9012 |
| qualcomm | qcn9024_firmware |
| qualcomm | qcn9024 |
| qualcomm | qcn9074_firmware |
| qualcomm | qcn9074 |
| qualcomm | qcn9160_firmware |
| qualcomm | qcn9160 |
| qualcomm | qcn9274_firmware |
| qualcomm | qcn9274 |
| qualcomm | qcs8550_firmware |
| qualcomm | qcs8550 |
| qualcomm | qfw7114_firmware |
| qualcomm | qfw7114 |
| qualcomm | qfw7124_firmware |
| qualcomm | qfw7124 |
| qualcomm | qmp1000_firmware |
| qualcomm | qmp1000 |
| qualcomm | qxm8083_firmware |
| qualcomm | qxm8083 |
| qualcomm | sa7255p_firmware |
| qualcomm | sa7255p |
| qualcomm | sa7775p_firmware |
| qualcomm | sa7775p |
| qualcomm | sa8255p_firmware |
| qualcomm | sa8255p |
| qualcomm | sa8620p_firmware |
| qualcomm | sa8620p |
| qualcomm | sa8650p_firmware |
| qualcomm | sa8650p |
| qualcomm | sa8770p_firmware |
| qualcomm | sa8770p |
| qualcomm | sa8775p_firmware |
| qualcomm | sa8775p |
| qualcomm | sa9000p_firmware |
| qualcomm | sa9000p |
| qualcomm | sc8380xp_firmware |
| qualcomm | sc8380xp |
| qualcomm | sd_8_gen1_5g_firmware |
| qualcomm | sd_8_gen1_5g |
| qualcomm | sd865_5g_firmware |
| qualcomm | sd865_5g |
| qualcomm | sm6650_firmware |
| qualcomm | sm6650 |
| qualcomm | sm6650p_firmware |
| qualcomm | sm6650p |
| qualcomm | sm7635_firmware |
| qualcomm | sm7635 |
| qualcomm | sm7675_firmware |
| qualcomm | sm7675 |
| qualcomm | sm7675p_firmware |
| qualcomm | sm7675p |
| qualcomm | sm8550p_firmware |
| qualcomm | sm8550p |
| qualcomm | sm8635_firmware |
| qualcomm | sm8635 |
| qualcomm | sm8635p_firmware |
| qualcomm | sm8635p |
| qualcomm | sm8650q_firmware |
| qualcomm | sm8650q |
| qualcomm | sm8735_firmware |
| qualcomm | sm8735 |
| qualcomm | sm8750_firmware |
| qualcomm | sm8750 |
| qualcomm | sm8750p_firmware |
| qualcomm | sm8750p |
| qualcomm | snapdragon_8_gen_1_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_1_mobile_platform |
| qualcomm | snapdragon_8_gen_2_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_2_mobile_platform |
| qualcomm | snapdragon_8_gen_3_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_3_mobile_platform |
| qualcomm | snapdragon_8\+_gen_2_mobile_platform_firmware |
| qualcomm | snapdragon_8\+_gen_2_mobile_platform |
| qualcomm | snapdragon_865_5g_mobile_platform_firmware |
| qualcomm | snapdragon_865_5g_mobile_platform |
| qualcomm | snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware |
| qualcomm | snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\) |
| qualcomm | snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware |
| qualcomm | snapdragon_870_5g_mobile_platform_\(sm8250-ac\) |
| qualcomm | snapdragon_ar1_gen_1_platform_firmware |
| qualcomm | snapdragon_ar1_gen_1_platform |
| qualcomm | snapdragon_ar1_gen_1_platform_\"luna1\"_firmware |
| qualcomm | snapdragon_ar1_gen_1_platform_\"luna1\" |
| qualcomm | snapdragon_ar2_gen_1_platform_firmware |
| qualcomm | snapdragon_ar2_gen_1_platform |
| qualcomm | snapdragon_auto_5g_modem-rf_gen_2_firmware |
| qualcomm | snapdragon_auto_5g_modem-rf_gen_2 |
| qualcomm | snapdragon_x72_5g_modem-rf_system_firmware |
| qualcomm | snapdragon_x72_5g_modem-rf_system |
| qualcomm | snapdragon_x75_5g_modem-rf_system_firmware |
| qualcomm | snapdragon_x75_5g_modem-rf_system |
| qualcomm | snapdragon_xr2_5g_platform_firmware |
| qualcomm | snapdragon_xr2_5g_platform |
| qualcomm | srv1h_firmware |
| qualcomm | srv1h |
| qualcomm | srv1m_firmware |
| qualcomm | srv1m |
| qualcomm | ssg2115p_firmware |
| qualcomm | ssg2115p |
| qualcomm | ssg2125p_firmware |
| qualcomm | ssg2125p |
| qualcomm | sxr1230p_firmware |
| qualcomm | sxr1230p |
| qualcomm | sxr2230p_firmware |
| qualcomm | sxr2230p |
| qualcomm | sxr2250p_firmware |
| qualcomm | sxr2250p |
| qualcomm | sxr2330p_firmware |
| qualcomm | sxr2330p |
| qualcomm | wcd9340_firmware |
| qualcomm | wcd9340 |
| qualcomm | wcd9370_firmware |
| qualcomm | wcd9370 |
| qualcomm | wcd9375_firmware |
| qualcomm | wcd9375 |
| qualcomm | wcd9378_firmware |
| qualcomm | wcd9378 |
| qualcomm | wcd9380_firmware |
| qualcomm | wcd9380 |
| qualcomm | wcd9385_firmware |
| qualcomm | wcd9385 |
| qualcomm | wcd9390_firmware |
| qualcomm | wcd9390 |
| qualcomm | wcd9395_firmware |
| qualcomm | wcd9395 |
| qualcomm | wcn6450_firmware |
| qualcomm | wcn6450 |
| qualcomm | wcn6650_firmware |
| qualcomm | wcn6650 |
| qualcomm | wcn6740_firmware |
| qualcomm | wcn6740 |
| qualcomm | wcn6755_firmware |
| qualcomm | wcn6755 |
| qualcomm | wcn7750_firmware |
| qualcomm | wcn7750 |
| qualcomm | wcn7860_firmware |
| qualcomm | wcn7860 |
| qualcomm | wcn7861_firmware |
| qualcomm | wcn7861 |
| qualcomm | wcn7880_firmware |
| qualcomm | wcn7880 |
| qualcomm | wcn7881_firmware |
| qualcomm | wcn7881 |
| qualcomm | wsa8810_firmware |
| qualcomm | wsa8810 |
| qualcomm | wsa8815_firmware |
| qualcomm | wsa8815 |
| qualcomm | wsa8830_firmware |
| qualcomm | wsa8830 |
| qualcomm | wsa8832_firmware |
| qualcomm | wsa8832 |
| qualcomm | wsa8835_firmware |
| qualcomm | wsa8835 |
| qualcomm | wsa8840_firmware |
| qualcomm | wsa8840 |
| qualcomm | wsa8845_firmware |
| qualcomm | wsa8845 |
| qualcomm | wsa8845h_firmware |
| qualcomm | wsa8845h |
References
Frequently Asked Questions
What is CVE-2025-27065? +
How severe is CVE-2025-27065? +
What products are affected by CVE-2025-27065? +
How do I check if I'm vulnerable to CVE-2025-27065? +
Related Vulnerabilities
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet …
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, …
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the …
BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c.
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certain …