CVE-2025-27033

moderate-risk

Published 2025-09-24

Information disclosure while running video usecase having rogue firmware.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.1/10 Medium

LOCAL / LOW complexity

Qcm5430 Firmware

Qcm6490 Firmware

Qcs5430 Firmware

Qcs6490 Firmware

Qcm8550 Firmware

Qcs8550 Firmware

Qcs615 Firmware

Qcs9100 Firmware

Sm6650 Firmware

Sm7635 Firmware

Sm8650 Firmware

Sm8650P Firmware

Sm8650Q Firmware

Sm7675 Firmware

Sm7675P Firmware

Sm8635 Firmware

Sm8635P Firmware

Sm8750 Firmware

Sm8750P Firmware

Sxr2330P Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/september-202...

/ 100

moderate-risk

Severity 20/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 23/34 · High