CVE-2025-21484

high-risk

Published 2025-09-24

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.2/10 High

NETWORK / LOW complexity

Sm8750 Firmware

Sm8750P Firmware

Sm8850 Firmware

Sm8850P Firmware

Smart Audio 200 Platform Firmware

Smart Display 200 Platform Firmware

Snapdragon 208 Processor Firmware

Snapdragon 210 Processor Firmware

Snapdragon 212 Mobile Platform Firmware

Snapdragon 4 Gen 1 Mobile Platform Firmware

Snapdragon 429 Mobile Platform Firmware

Snapdragon 460 Mobile Platform Firmware

Snapdragon 480 5G Mobile Platform Firmware

Snapdragon 480\+ 5G Mobile Platform \(Sm4350-Ac\) Firmware

Snapdragon 625 Mobile Platform Firmware

Snapdragon 626 Mobile Platform Firmware

Snapdragon 660 Mobile Platform Firmware

Snapdragon 662 Mobile Platform Firmware

Snapdragon 675 Mobile Platform Firmware

Snapdragon 678 Mobile Platform \(Sm6150-Ac\) Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/september-202...

/ 100

high-risk

Severity 28/34 · Critical

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical