CVE-2025-27053 - Vulnerability Details - OpenCVE

Memory corruption during PlayReady APP usecase while processing TA commands.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

History

Thu, 09 Oct 2025 03:30:00 +0000

Type	Values Removed	Values Added
Description		Memory corruption during PlayReady APP usecase while processing TA commands.
Title		Incorrect Calculation of Buffer Size in HLOS
Weaknesses		CWE-131
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2025-10-09T03:18:00.779Z

Updated: 2025-10-09T03:18:00.779Z

Reserved: 2025-02-18T09:19:46.885Z

Link: CVE-2025-27053

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-09T04:16:44.270

Modified: 2025-10-09T04:16:44.270

Link: CVE-2025-27053

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-27053", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "state": "PUBLISHED", "assignerShortName": "qualcomm", "dateReserved": "2025-02-18T09:19:46.885Z", "datePublished": "2025-10-09T03:18:00.779Z", "dateUpdated": "2025-10-09T03:18:00.779Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon IoT", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon Voice & Music", "Snapdragon WBC", "Snapdragon Wearables"], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "315 5G IoT Modem"}, {"status": "affected", "version": "9205 LTE Modem"}, {"status": "affected", "version": "9206 LTE Modem"}, {"status": "affected", "version": "9207 LTE Modem"}, {"status": "affected", "version": "APQ8017"}, {"status": "affected", "version": "APQ8037"}, {"status": "affected", "version": "APQ8064AU"}, {"status": "affected", "version": "AQT1000"}, {"status": "affected", "version": "AR8031"}, {"status": "affected", "version": "AR8035"}, {"status": "affected", "version": "C-V2X 9150"}, {"status": "affected", "version": "CSRA6620"}, {"status": "affected", "version": "CSRA6640"}, {"status": "affected", "version": "CSRB31024"}, {"status": "affected", "version": "FastConnect 6200"}, {"status": "affected", "version": "FastConnect 6700"}, {"status": "affected", "version": "FastConnect 6800"}, {"status": "affected", "version": "FastConnect 6900"}, {"status": "affected", "version": "FastConnect 7800"}, {"status": "affected", "version": "Flight RB5 5G Platform"}, {"status": "affected", "version": "Home Hub 100 Platform"}, {"status": "affected", "version": "MDM8207"}, {"status": "affected", "version": "MDM9205S"}, {"status": "affected", "version": "MDM9250"}, {"status": "affected", "version": "MDM9628"}, {"status": "affected", "version": "MDM9640"}, {"status": "affected", "version": "MDM9650"}, {"status": "affected", "version": "MSM8996AU"}, {"status": "affected", "version": "PM8937"}, {"status": "affected", "version": "QAM8255P"}, {"status": "affected", "version": "QAM8295P"}, {"status": "affected", "version": "QAM8620P"}, {"status": "affected", "version": "QAM8650P"}, {"status": "affected", "version": "QAM8775P"}, {"status": "affected", "version": "QAMSRV1H"}, {"status": "affected", "version": "QAMSRV1M"}, {"status": "affected", "version": "QCA4004"}, {"status": "affected", "version": "QCA6174A"}, {"status": "affected", "version": "QCA6234"}, {"status": "affected", "version": "QCA6310"}, {"status": "affected", "version": "QCA6320"}, {"status": "affected", "version": "QCA6335"}, {"status": "affected", "version": "QCA6391"}, {"status": "affected", "version": "QCA6420"}, {"status": "affected", "version": "QCA6421"}, {"status": "affected", "version": "QCA6426"}, {"status": "affected", "version": "QCA6430"}, {"status": "affected", "version": "QCA6431"}, {"status": "affected", "version": "QCA6436"}, {"status": "affected", "version": "QCA6564"}, {"status": "affected", "version": "QCA6564A"}, {"status": "affected", "version": "QCA6564AU"}, {"status": "affected", "version": "QCA6574"}, {"status": "affected", "version": "QCA6574A"}, {"status": "affected", "version": "QCA6574AU"}, {"status": "affected", "version": "QCA6584AU"}, {"status": "affected", "version": "QCA6595"}, {"status": "affected", "version": "QCA6595AU"}, {"status": "affected", "version": "QCA6678AQ"}, {"status": "affected", "version": "QCA6688AQ"}, {"status": "affected", "version": "QCA6696"}, {"status": "affected", "version": "QCA6698AQ"}, {"status": "affected", "version": "QCA6698AU"}, {"status": "affected", "version": "QCA6797AQ"}, {"status": "affected", "version": "QCA8081"}, {"status": "affected", "version": "QCA8337"}, {"status": "affected", "version": "QCA8386"}, {"status": "affected", "version": "QCA8695AU"}, {"status": "affected", "version": "QCA9367"}, {"status": "affected", "version": "QCA9377"}, {"status": "affected", "version": "QCA9379"}, {"status": "affected", "version": "QCC2072"}, {"status": "affected", "version": "QCC710"}, {"status": "affected", "version": "QCC711"}, {"status": "affected", "version": "QCF8001"}, {"status": "affected", "version": "QCM2150"}, {"status": "affected", "version": "QCM2290"}, {"status": "affected", "version": "QCM4290"}, {"status": "affected", "version": "QCM4325"}, {"status": "affected", "version": "QCM4490"}, {"status": "affected", "version": "QCM5430"}, {"status": "affected", "version": "QCM6125"}, {"status": "affected", "version": "QCM6490"}, {"status": "affected", "version": "QCM6690"}, {"status": "affected", "version": "QCM8550"}, {"status": "affected", "version": "QCN6024"}, {"status": "affected", "version": "QCN6224"}, {"status": "affected", "version": "QCN6274"}, {"status": "affected", "version": "QCN7606"}, {"status": "affected", "version": "QCN9011"}, {"status": "affected", "version": "QCN9012"}, {"status": "affected", "version": "QCN9024"}, {"status": "affected", "version": "QCN9074"}, {"status": "affected", "version": "QCN9274"}, {"status": "affected", "version": "QCS2290"}, {"status": "affected", "version": "QCS410"}, {"status": "affected", "version": "QCS4290"}, {"status": "affected", "version": "QCS4490"}, {"status": "affected", "version": "QCS5430"}, {"status": "affected", "version": "QCS610"}, {"status": "affected", "version": "QCS6125"}, {"status": "affected", "version": "QCS615"}, {"status": "affected", "version": "QCS6490"}, {"status": "affected", "version": "QCS6690"}, {"status": "affected", "version": "QCS7230"}, {"status": "affected", "version": "QCS8155"}, {"status": "affected", "version": "QCS8250"}, {"status": "affected", "version": "QCS8300"}, {"status": "affected", "version": "QCS8550"}, {"status": "affected", "version": "QCS9100"}, {"status": "affected", "version": "QDU1000"}, {"status": "affected", "version": "QDU1010"}, {"status": "affected", "version": "QDU1110"}, {"status": "affected", "version": "QDU1210"}, {"status": "affected", "version": "QDX1010"}, {"status": "affected", "version": "QDX1011"}, {"status": "affected", "version": "QEP8111"}, {"status": "affected", "version": "QFW7114"}, {"status": "affected", "version": "QFW7124"}, {"status": "affected", "version": "QMP1000"}, {"status": "affected", "version": "QRB5165M"}, {"status": "affected", "version": "QRB5165N"}, {"status": "affected", "version": "QRU1032"}, {"status": "affected", "version": "QRU1052"}, {"status": "affected", "version": "QRU1062"}, {"status": "affected", "version": "QSM8250"}, {"status": "affected", "version": "QSM8350"}, {"status": "affected", "version": "QTS110"}, {"status": "affected", "version": "Qualcomm 215 Mobile Platform"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform"}, {"status": "affected", "version": "Robotics RB2 Platform"}, {"status": "affected", "version": "Robotics RB3 Platform"}, {"status": "affected", "version": "Robotics RB5 Platform"}, {"status": "affected", "version": "SA2150P"}, {"status": "affected", "version": "SA4150P"}, {"status": "affected", "version": "SA4155P"}, {"status": "affected", "version": "SA6145P"}, {"status": "affected", "version": "SA6150P"}, {"status": "affected", "version": "SA6155"}, {"status": "affected", "version": "SA6155P"}, {"status": "affected", "version": "SA7255P"}, {"status": "affected", "version": "SA7775P"}, {"status": "affected", "version": "SA8145P"}, {"status": "affected", "version": "SA8150P"}, {"status": "affected", "version": "SA8155"}, {"status": "affected", "version": "SA8155P"}, {"status": "affected", "version": "SA8195P"}, {"status": "affected", "version": "SA8255P"}, {"status": "affected", "version": "SA8295P"}, {"status": "affected", "version": "SA8530P"}, {"status": "affected", "version": "SA8540P"}, {"status": "affected", "version": "SA8620P"}, {"status": "affected", "version": "SA8650P"}, {"status": "affected", "version": "SA8770P"}, {"status": "affected", "version": "SA8775P"}, {"status": "affected", "version": "SA9000P"}, {"status": "affected", "version": "SC8180X+SDX55"}, {"status": "affected", "version": "SC8380XP"}, {"status": "affected", "version": "SD 675"}, {"status": "affected", "version": "SD 8 Gen1 5G"}, {"status": "affected", "version": "SD626"}, {"status": "affected", "version": "SD670"}, {"status": "affected", "version": "SD675"}, {"status": "affected", "version": "SD730"}, {"status": "affected", "version": "SD820"}, {"status": "affected", "version": "SD821"}, {"status": "affected", "version": "SD855"}, {"status": "affected", "version": "SD865 5G"}, {"status": "affected", "version": "SD888"}, {"status": "affected", "version": "SDM429W"}, {"status": "affected", "version": "SDX55"}, {"status": "affected", "version": "SDX61"}, {"status": "affected", "version": "SDX82"}, {"status": "affected", "version": "SDX85"}, {"status": "affected", "version": "SG4150P"}, {"status": "affected", "version": "SG6150"}, {"status": "affected", "version": "SG6150P"}, {"status": "affected", "version": "SG8275P"}, {"status": "affected", "version": "SM4125"}, {"status": "affected", "version": "SM4635"}, {"status": "affected", "version": "SM6225P"}, {"status": "affected", "version": "SM6250"}, {"status": "affected", "version": "SM6250P"}, {"status": "affected", "version": "SM6370"}, {"status": "affected", "version": "SM6650"}, {"status": "affected", "version": "SM6650P"}, {"status": "affected", "version": "SM7250P"}, {"status": "affected", "version": "SM7315"}, {"status": "affected", "version": "SM7325P"}, {"status": "affected", "version": "SM7635"}, {"status": "affected", "version": "SM7635P"}, {"status": "affected", "version": "SM7675"}, {"status": "affected", "version": "SM7675P"}, {"status": "affected", "version": "SM8550P"}, {"status": "affected", "version": "SM8635"}, {"status": "affected", "version": "SM8635P"}, {"status": "affected", "version": "SM8650Q"}, {"status": "affected", "version": "SM8735"}, {"status": "affected", "version": "SM8750"}, {"status": "affected", "version": "SM8750P"}, {"status": "affected", "version": "SM8850"}, {"status": "affected", "version": "SM8850P"}, {"status": "affected", "version": "Smart Audio 400 Platform"}, {"status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)"}, {"status": "affected", "version": "Snapdragon 1100 Wearable Platform"}, {"status": "affected", "version": "Snapdragon 1200 Wearable Platform"}, {"status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 4 Gen 2 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 425 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 427 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 429 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 430 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 435 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 439 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 450 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 460 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 480 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"}, {"status": "affected", "version": "Snapdragon 625 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 626 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 632 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 662 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 665 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 670 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 675 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)"}, {"status": "affected", "version": "Snapdragon 680 4G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"}, {"status": "affected", "version": "Snapdragon 690 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 695 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 710 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 712 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 720G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)"}, {"status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)"}, {"status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)"}, {"status": "affected", "version": "Snapdragon 750G 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"}, {"status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"}, {"status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"}, {"status": "affected", "version": "Snapdragon 778G 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"}, {"status": "affected", "version": "Snapdragon 780G 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)"}, {"status": "affected", "version": "Snapdragon 7c Compute Platform (SC7180-AC)"}, {"status": "affected", "version": "Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) \"Rennell Pro\""}, {"status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute"}, {"status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 820 Automotive Platform"}, {"status": "affected", "version": "Snapdragon 820 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 821 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 845 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 855 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"}, {"status": "affected", "version": "Snapdragon 865 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"}, {"status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"}, {"status": "affected", "version": "Snapdragon 888 5G Mobile Platform"}, {"status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"}, {"status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""}, {"status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""}, {"status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"}, {"status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""}, {"status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""}, {"status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"}, {"status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\""}, {"status": "affected", "version": "Snapdragon AR2 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon Auto 5G Modem-RF"}, {"status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2"}, {"status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform"}, {"status": "affected", "version": "Snapdragon Wear 1300 Platform"}, {"status": "affected", "version": "Snapdragon Wear 4100+ Platform"}, {"status": "affected", "version": "Snapdragon X12 LTE Modem"}, {"status": "affected", "version": "Snapdragon X24 LTE Modem"}, {"status": "affected", "version": "Snapdragon X32 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X35 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X5 LTE Modem"}, {"status": "affected", "version": "Snapdragon X50 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X55 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X62 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X65 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X72 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon X75 5G Modem-RF System"}, {"status": "affected", "version": "Snapdragon XR1 Platform"}, {"status": "affected", "version": "Snapdragon XR2 5G Platform"}, {"status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon Auto 4G Modem"}, {"status": "affected", "version": "SRV1H"}, {"status": "affected", "version": "SRV1L"}, {"status": "affected", "version": "SRV1M"}, {"status": "affected", "version": "SSG2115P"}, {"status": "affected", "version": "SSG2125P"}, {"status": "affected", "version": "SW5100"}, {"status": "affected", "version": "SW5100P"}, {"status": "affected", "version": "SXR1120"}, {"status": "affected", "version": "SXR1230P"}, {"status": "affected", "version": "SXR2130"}, {"status": "affected", "version": "SXR2230P"}, {"status": "affected", "version": "SXR2250P"}, {"status": "affected", "version": "SXR2330P"}, {"status": "affected", "version": "SXR2350P"}, {"status": "affected", "version": "TalynPlus"}, {"status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)"}, {"status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)"}, {"status": "affected", "version": "Vision Intelligence 300 Platform"}, {"status": "affected", "version": "Vision Intelligence 400 Platform"}]}], "descriptions": [{"lang": "en", "value": "Memory corruption during PlayReady APP usecase while processing TA commands."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2025-10-09T03:18:00.779Z"}, "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html"}], "title": "Incorrect Calculation of Buffer Size in HLOS"}}}