Primary

Context

Qualcomm Products Buffer Over-Read Vulnerability in Automotive Android OS

Vulnerability

A buffer over-read vulnerability has been identified in Qualcomm's Automotive Android OS platform. This vulnerability allows for information disclosure when a fastrpc session is opened without proper domain sanitization. The issue affects several chipsets, including those used in various Snapdragon 5G mobile platforms and automotive applications.

Impact

Exploitation of this vulnerability leads to unauthorized information disclosure.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm August 2025 Security Bulletin.

Added: Aug 6, 2025, 11:12 AM

Updated: Aug 6, 2025, 11:12 AM

Affected Products

Qualcomm FastConnect 6800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 6900

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 7800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm QCA6391

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6391:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm QCA6426

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6426:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm QCA6436

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6436:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm QSM8250

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qsm8250:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SD865 5G

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sd865_5g:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SDM429W

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SDX55

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sdx55:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon 429 Mobile Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_429_mobile_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon 8 Gen 1 Mobile Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon 865 5G Mobile Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon 865+ 5G Mobile Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_865+_5g_mobile_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon 870 5G Mobile Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

Qualcomm Snapdragon W5+ Gen 1 Wearable Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_w5+_gen_1_wearable_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon X55 5G Modem-RF System

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm Snapdragon XR2 5G Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SW5100

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sw5100:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SW5100P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sw5100p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SXR2130

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sxr2130:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SXR2230P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sxr2230p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm SXR2250P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sxr2250p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WCD9380

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WCD9385

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WSA8810

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8810:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WSA8815

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8815:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WSA8830

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WSA8832

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm WSA8835

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Products Buffer Over-Read Vulnerability in Automotive Android OS

Vulnerability

Impact

Remediation

Affected Products

Qualcomm FastConnect 6800

Qualcomm FastConnect 6900

Qualcomm FastConnect 7800

Qualcomm QCA6391

Qualcomm QCA6426

Qualcomm QCA6436

Qualcomm QSM8250

Qualcomm SD865 5G

Qualcomm SDM429W

Qualcomm SDX55

Qualcomm Snapdragon 429 Mobile Platform

Qualcomm Snapdragon 8 Gen 1 Mobile Platform

Qualcomm Snapdragon 865 5G Mobile Platform

Qualcomm Snapdragon 865+ 5G Mobile Platform

Qualcomm Snapdragon 870 5G Mobile Platform

Qualcomm Snapdragon W5+ Gen 1 Wearable Platform

Qualcomm Snapdragon X55 5G Modem-RF System

Qualcomm Snapdragon XR2 5G Platform

Qualcomm SW5100

Qualcomm SW5100P

Qualcomm SXR2130

Qualcomm SXR2230P

Qualcomm SXR2250P

Qualcomm WCD9380

Qualcomm WCD9385

Qualcomm WSA8810

Qualcomm WSA8815

Qualcomm WSA8830

Qualcomm WSA8832

Qualcomm WSA8835

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating