CVE-2025-2143107.04.2025, 11:15Information disclosure may be there when a guest VM is connected.TOCTOUEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.5 MEDIUMLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NqualcommCNA5.5 MEDIUMLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NCISA-ADPADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 1%Common Weakness EnumerationCWE-367 - Time-of-check Time-of-use (TOCTOU) Race ConditionThe software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state.Referenceshttps://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html