CVE-2025-21472 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
qualcomm	CNA	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Vendor	Product	Version
qualcomm	fastconnect_6900_firmware	-
qualcomm	fastconnect_7800_firmware	-
qualcomm	qca9367_firmware	-
qualcomm	qca9377_firmware	-
qualcomm	qcs8550_firmware	-
qualcomm	sa8530p_firmware	-
qualcomm	sa8540p_firmware	-
qualcomm	sa9000p_firmware	-
qualcomm	snapdragon_8_gen_1_mobile_platform_firmware	-
qualcomm	wcd9380_firmware	-
qualcomm	wsa8830_firmware	-
qualcomm	wsa8835_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-489 - Active Debug Code
The application is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html