Qualcomm FastConnect 6200
Moderate fix1 remedy
cpe:2.3:h:qualcomm:fastconnect_6200:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Primary
Context
Qualcomm WLAN Host Buffer Over-read Vulnerability Allowing Memory Corruption
Vulnerability
A buffer over-read vulnerability has been identified in the WLAN Host component of Qualcomm chipsets. This vulnerability occurs when a Station (STA) connects to an Access Point (AP) and an ADD TS request is initiated from the AP to establish a TSpec session. The vulnerability leads to memory corruption by improperly handling the timing or content of the transmitted data.
Impact
Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or local denial-of-service conditions.
Reproduction
To reproduce this vulnerability, connect a device to an Access Point (AP) and initiate an ADD TS request from the AP to the device. This process can be done using standard Wi-Fi management tools or scripts that automate the connection and request initiation.
Remediation
Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm April 2025 Security Bulletin.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Affected Products
Qualcomm FastConnect 6700
Moderate fix1 remedy
cpe:2.3:h:qualcomm:fastconnect_6700:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm FastConnect 6800
Moderate fix1 remedy
cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm FastConnect 6900
Moderate fix1 remedy
cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm FastConnect 7800
Moderate fix1 remedy
cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm AQT1000
Moderate fix1 remedy
cpe:2.3:h:qualcomm:aqt1000:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm AR8035
Moderate fix1 remedy
cpe:2.3:h:qualcomm:ar8035:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6174A
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6174a:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6391
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6391:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6420
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6420:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6421
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6421:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6426
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6426:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6430
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6430:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6431
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6431:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6436
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6436:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6574
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6574:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6574A
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6574a:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6574AU
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6584AU
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6584au:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6595
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6595:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6595AU
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6595au:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6678AQ
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6678aq:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6688AQ
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6688aq:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6696
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6696:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6698AQ
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6698aq:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA6797AQ
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca6797aq:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA8081
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca8081:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCA8337
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qca8337:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCC710
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcc710:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM2290
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm2290:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM4290
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm4290:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM4325
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm4325:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM4490
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm4490:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM5430
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm5430:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM6125
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm6125:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM6490
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm6490:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCM8550
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcm8550:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN6024
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn6024:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN6224
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn6224:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN6274
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn6274:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN7606
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn7606:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN9011
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn9011:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN9012
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn9012:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN9024
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn9024:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCN9274
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcn9274:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS2290
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs2290:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS4290
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs4290:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS4490
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs4490:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS5430
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs5430:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS6125
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs6125:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS6490
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs6490:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS7230
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs7230:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS8250
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs8250:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS8300
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs8300:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS8550
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qcs8550:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QCS9100
0 remedies
cpe:2.3:h:qualcomm:qcs9100:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDU1000
0 remedies
cpe:2.3:h:qualcomm:qdu1000:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDU1010
0 remedies
cpe:2.3:h:qualcomm:qdu1010:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDU1110
0 remedies
cpe:2.3:h:qualcomm:qdu1110:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDU1210
0 remedies
cpe:2.3:h:qualcomm:qdu1210:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDX1010
0 remedies
cpe:2.3:h:qualcomm:qdx1010:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QDX1011
0 remedies
cpe:2.3:h:qualcomm:qdx1011:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QEP8111
0 remedies
cpe:2.3:h:qualcomm:qep8111:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm QFW7114
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qfw7114:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm QFW7124
Moderate fix1 remedy
cpe:2.3:h:qualcomm:qfw7124:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD 8 Gen1 5G
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd_8_gen1_5g:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD670
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd670:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD730
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd730:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD855
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd855:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD865 5G
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd865_5g:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SD888
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sd888:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SDX61
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sdx61:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SG4150P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sg4150p:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SG8275P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sg8275p:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM4125
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm4125:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM4635
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm4635:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM6250
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm6250:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM6370
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm6370:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM6650
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm6650:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM7250P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7250:*:*:*:*:*:*:*, +3 more
Moderate fix1 remedy
Qualcomm SM7315
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7315:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM7325P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7325:*:*:*:*:*:*:*, +3 more
Moderate fix1 remedy
Qualcomm SM7635
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7635:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM7675
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7675:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM7675P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm7675p:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM8550P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm8550:*:*:*:*:*:*:*, +3 more
Moderate fix1 remedy
Qualcomm SM8635
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm8635:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM8635P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm8635p:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM8650Q
Moderate fix1 remedy
cpe:2.3:o:qualcomm:sm8650q_firmware:*:*:*:*:*:*:*
Moderate fix1 remedy
Qualcomm SM8735
Moderate fix1 remedy
Moderate fix1 remedy
Qualcomm SM8750
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm8750:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm SM8750P
Moderate fix1 remedy
cpe:2.3:h:qualcomm:sm8750p:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
Qualcomm Snapdragon 4 Gen 1 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile:*:*:*:*:*:*:*, +3 more
0 remedies
Qualcomm Snapdragon 4 Gen 2 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_4_gen_2_mobile:*:*:*:*:*:*:*, +3 more
0 remedies
Qualcomm Snapdragon 8 Gen 1 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm Snapdragon 8 Gen 2 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm Snapdragon 8 Gen 3 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:*:*:*:*:*:*:*, +1 more
0 remedies
Qualcomm Snapdragon 8+ Gen 1 Mobile Platform
0 remedies
cpe:2.3:h:qualcomm:snapdragon_8+_gen_1_mobile_platform:*:*:*:*:*:*:*, +1 more
0 remedies
References
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html
AdvisoryBundleRemedyVendor
Showing 1-1 of 1 references
Vulnerability Rating
Custom Algorithm
spread
8.1impact
2.5exploitability
7.3remediation
7.7relevance
0.0threat
1.6urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
Vulnerability Rating
Custom Algorithm
spread
8.1impact
2.5exploitability
7.3remediation
7.7relevance
0.0threat
1.6urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.