CVE-2025-27034 – Qualcomm Multi-Mode Call Processor Improper Validation of Array Index Vulnerability Allowing Memory Corruption

Vulnerability

A critical vulnerability has been identified in the Qualcomm Multi-Mode Call Processor, specifically in the handling of the PLMN selection from the SOR failed list. This issue arises from improper validation of array indices, leading to memory corruption. The vulnerability is accessible remotely and affects several chipsets within the Qualcomm 5G IoT Modem, as well as various Snapdragon and QCA chipsets.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or application crashes.

Remediation

Qualcomm has notified device manufacturers about this vulnerability and is actively sharing patches. For information on the patching status of released devices, contact the device manufacturer.

Added: Sep 24, 2025, 5:09 PM

Updated: Sep 24, 2025, 5:09 PM

Affected Products

Qualcomm Multi-Mode Call Processor

Easy fix1 remedy

315 5G IoT Modem
AR8035
FastConnect 6200
FastConnect 6700
FastConnect 6800
FastConnect 6900
FastConnect 7800
QCA6174A
QCA6391
QCA6574A
QCA6584AU
QCA6595AU
QCA6696
QCA6698AQ
QCA8081
QCA8337
QCC710
QCM4490
QCM5430
QCM6490
QCM8550
QCN6024
QCN6224
QCN6274
QCN9024
QCS4490
QCS5430
QCS6490
QCS8550
QCS9100
QMP1000
Qualcomm 205 Mobile Platform
Qualcomm 215 Mobile Platform
Qualcomm® Video Collaboration VC3 Platform
SD 8 Gen1 5G
SDX55
SDX57M
SDX61
SDX71M
SDX80M
SG8275P
SM4635
SM6650
SM7250P
SM7325P
SM7635
SM7675
SM7675P
SM8550P
SM8635
SM8635P
SM8650Q
SM8750
SM8750P
Smart Display 200 Platform (APQ5053-AA)
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 690 5G Mobile Platform
Snapdragon 695 5G Mobile Platform
Snapdragon 765 5G Mobile Platform (SM7250-AA)
Snapdragon 765G 5G Mobile Platform (SM7250-AB)
Snapdragon 768G 5G Mobile Platform (SM7250-AC)
Snapdragon 778G 5G Mobile Platform
Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
Snapdragon 780G 5G Mobile Platform
Snapdragon 782G Mobile Platform (SM7325-AF)
Snapdragon 7c+ Gen 3 Compute
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8 Gen 3 Mobile Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
Snapdragon 820 Automotive Platform
Snapdragon 835 Mobile PC Platform
Snapdragon 845 Mobile Platform
Snapdragon 855 Mobile Platform
Snapdragon 855+/860 Mobile Platform (SM8150-AC)
Snapdragon 865 5G Mobile Platform
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
Snapdragon 870 5G Mobile Platform (SM8250-AC)
Snapdragon 888 5G Mobile Platform
Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
Snapdragon W5+ Gen 1 Wearable Platform
Snapdragon X35 5G Modem-RF System
Snapdragon X55 5G Modem-RF System
Snapdragon XR1 Platform
Snapdragon XR2 5G Platform
Snapdragon XR2+ Gen 1 Platform
SRV1H
SRV1L
SRV1M
SW5100
SW5100P
SXR1120
SXR2130
SXR2330P
Vision Intelligence 100 Platform (APQ8053-AA)
Vision Intelligence 200 Platform (APQ8053-AC)

CVSS Scores

volerion

8.7

CVSS 4.0

8.7

High

volerion

7.5

CVSS 3.1

7.5

High

Vendor

9.8

CVSS 3.1

9.8

Critical

Click a row to open the calculator.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

AdvisoryBundleVendor

Showing 1-1 of 1 references

Qualcomm Multi-Mode Call Processor Improper Validation of Array Index Vulnerability Allowing Memory Corruption