CVE-2025-21429

high-risk

Published 2025-04-07

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.

Do I need to act?

0.35% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Sa9000P Firmware

Sd626 Firmware

Sd660 Firmware

Sd670 Firmware

Sd730 Firmware

Sd855 Firmware

Sd865 5G Firmware

Sdm429W Firmware

Sdx55 Firmware

Sdx61 Firmware

Sm4125 Firmware

Sm6250 Firmware

Sm6370 Firmware

Smart Audio 200 Platform Firmware

Smart Audio 400 Platform Firmware

Smart Display 200 Platform Firmware

Snapdragon 1200 Wearable Platform Firmware

Snapdragon 210 Processor Firmware

Snapdragon 212 Mobile Platform Firmware

Snapdragon 4 Gen 1 Mobile Platform Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bu...

/ 100

high-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical