CVE-2025-27033 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.1 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
qualcomm	CNA	6.1 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Vendor	Product	Version
qualcomm	qcm5430_firmware	-
qualcomm	qcm6490_firmware	-
qualcomm	qcs5430_firmware	-
qualcomm	qcs6490_firmware	-
qualcomm	qcm8550_firmware	-
qualcomm	qcs8550_firmware	-
qualcomm	qcs615_firmware	-
qualcomm	qcs9100_firmware	-
qualcomm	sm6650_firmware	-
qualcomm	sm7635_firmware	-
qualcomm	sm8650_firmware	-
qualcomm	sm8650p_firmware	-
qualcomm	sm8650q_firmware	-
qualcomm	sm7675_firmware	-
qualcomm	sm7675p_firmware	-
qualcomm	sm8635_firmware	-
qualcomm	sm8635p_firmware	-
qualcomm	sm8750_firmware	-
qualcomm	sm8750p_firmware	-
qualcomm	sxr2330p_firmware	-
qualcomm	wcn6750_firmware	-
qualcomm	wcn6856_firmware	-
qualcomm	qcn9274_firmware	-
qualcomm	wcn7851_firmware	-
qualcomm	qca6698aq_firmware	-
qualcomm	wcn6650_firmware	-
qualcomm	wcn6755_firmware	-
qualcomm	wcn7850_firmware	-
qualcomm	wcn7880_firmware	-
qualcomm	wcn7860_firmware	-
qualcomm	wcn7861_firmware	-
qualcomm	wcn7881_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-126 - Buffer Over-read
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html