CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot) before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AC:L/AV:P/A:H/C:H/I:H/PR:N/S:C/UI:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-343-01