Volerion logoVolerion
Volerion logoVolerion

Qualcomm Automotive Vehicle Networks Information Disclosure Vulnerability

Vulnerability

A vulnerability has been identified in Qualcomm's Automotive Vehicle Networks component, specifically in chipsets such as QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, and several others. This vulnerability allows for information disclosure while processing packets at the EAVB BE side, particularly when the header length is invalid.

Impact

Exploitation of this vulnerability leads to unauthorized information disclosure.

Remediation

Qualcomm has notified customers about this vulnerability and is actively sharing patches. Instructions for applying the patch can be found in the Qualcomm August 2025 Security Bulletin.

Added: Aug 6, 2025, 9:06 AM
Updated: Aug 6, 2025, 9:06 AM

Vulnerability Rating

Custom Algorithm
spread
8.1
impact
2.5
exploitability
3.5
remediation
7.7
relevance
0.3
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.