CVE-2025-21480
HIGH CISA KEVDescription
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVSS v3.1 Score
8.6
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild.
Added: Jun 3, 2025
Remediation due: Jun 24, 2025
Weakness Type (CWE)
CWE-863
Incorrect Authorization
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | aqt1000_firmware |
| qualcomm | aqt1000 |
| qualcomm | fastconnect_6200_firmware |
| qualcomm | fastconnect_6200 |
| qualcomm | fastconnect_6700_firmware |
| qualcomm | fastconnect_6700 |
| qualcomm | fastconnect_6800_firmware |
| qualcomm | fastconnect_6800 |
| qualcomm | fastconnect_6900_firmware |
| qualcomm | fastconnect_6900 |
| qualcomm | fastconnect_7800_firmware |
| qualcomm | fastconnect_7800 |
| qualcomm | qca6391_firmware |
| qualcomm | qca6391 |
| qualcomm | qcm4490_firmware |
| qualcomm | qcm4490 |
| qualcomm | qcs4490_firmware |
| qualcomm | qcs4490 |
| qualcomm | sc8380xp_firmware |
| qualcomm | sc8380xp |
| qualcomm | sd855_firmware |
| qualcomm | sd855 |
| qualcomm | sm4635_firmware |
| qualcomm | sm4635 |
| qualcomm | sm6250_firmware |
| qualcomm | sm6250 |
| qualcomm | sm6650_firmware |
| qualcomm | sm6650 |
| qualcomm | sm6650p_firmware |
| qualcomm | sm6650p |
| qualcomm | sm7325p_firmware |
| qualcomm | sm7325p |
| qualcomm | sm7635_firmware |
| qualcomm | sm7635 |
| qualcomm | sm7675_firmware |
| qualcomm | sm7675 |
| qualcomm | sm7675p_firmware |
| qualcomm | sm7675p |
| qualcomm | sm8550p_firmware |
| qualcomm | sm8550p |
| qualcomm | sm8635_firmware |
| qualcomm | sm8635 |
| qualcomm | sm8635p_firmware |
| qualcomm | sm8635p |
| qualcomm | sm8650q_firmware |
| qualcomm | sm8650q |
| qualcomm | snapdragon_4_gen_1_mobile_platform_firmware |
| qualcomm | snapdragon_4_gen_1_mobile_platform |
| qualcomm | snapdragon_460_mobile_platform_firmware |
| qualcomm | snapdragon_460_mobile_platform |
| qualcomm | snapdragon_480_5g_mobile_platform_firmware |
| qualcomm | snapdragon_480_5g_mobile_platform |
| qualcomm | snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware |
| qualcomm | snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\) |
| qualcomm | snapdragon_662_mobile_platform_firmware |
| qualcomm | snapdragon_662_mobile_platform |
| qualcomm | snapdragon_680_4g_mobile_platform_firmware |
| qualcomm | snapdragon_680_4g_mobile_platform |
| qualcomm | snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware |
| qualcomm | snapdragon_685_4g_mobile_platform_\(sm6225-ad\) |
| qualcomm | snapdragon_690_5g_mobile_platform_firmware |
| qualcomm | snapdragon_690_5g_mobile_platform |
| qualcomm | snapdragon_695_5g_mobile_platform_firmware |
| qualcomm | snapdragon_695_5g_mobile_platform |
| qualcomm | snapdragon_720g_mobile_platform_firmware |
| qualcomm | snapdragon_720g_mobile_platform |
| qualcomm | snapdragon_778g_5g_mobile_platform_firmware |
| qualcomm | snapdragon_778g_5g_mobile_platform |
| qualcomm | snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware |
| qualcomm | snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\) |
| qualcomm | snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware |
| qualcomm | snapdragon_782g_mobile_platform_\(sm7325-af\) |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware |
| qualcomm | snapdragon_7c\+_gen_3_compute |
| qualcomm | snapdragon_8_gen_2_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_2_mobile_platform |
| qualcomm | snapdragon_8_gen_3_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_3_mobile_platform |
| qualcomm | snapdragon_8\+_gen_2_mobile_platform_firmware |
| qualcomm | snapdragon_8\+_gen_2_mobile_platform |
| qualcomm | snapdragon_855_mobile_platform_firmware |
| qualcomm | snapdragon_855_mobile_platform |
| qualcomm | snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware |
| qualcomm | snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\) |
| qualcomm | snapdragon_865_5g_mobile_platform_firmware |
| qualcomm | snapdragon_865_5g_mobile_platform |
| qualcomm | snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware |
| qualcomm | snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\) |
| qualcomm | snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware |
| qualcomm | snapdragon_870_5g_mobile_platform_\(sm8250-ac\) |
| qualcomm | snapdragon_888_5g_mobile_platform_firmware |
| qualcomm | snapdragon_888_5g_mobile_platform |
| qualcomm | snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware |
| qualcomm | snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\) |
| qualcomm | snapdragon_ar1_gen_1_firmware |
| qualcomm | snapdragon_ar1_gen_1 |
| qualcomm | snapdragon_ar1_gen_1_platform_\"luna1\"_firmware |
| qualcomm | snapdragon_ar1_gen_1_platform_\"luna1\" |
| qualcomm | snapdragon_x55_5g_modem-rf_system_firmware |
| qualcomm | snapdragon_x55_5g_modem-rf_system |
| qualcomm | sxr2230p_firmware |
| qualcomm | sxr2230p |
| qualcomm | sxr2250p_firmware |
| qualcomm | sxr2250p |
| qualcomm | sxr2330p_firmware |
| qualcomm | sxr2330p |
| qualcomm | wcd9341_firmware |
| qualcomm | wcd9341 |
| qualcomm | wcd9370_firmware |
| qualcomm | wcd9370 |
| qualcomm | wcd9375_firmware |
| qualcomm | wcd9375 |
| qualcomm | wcd9378_firmware |
| qualcomm | wcd9378 |
| qualcomm | wcd9380_firmware |
| qualcomm | wcd9380 |
| qualcomm | wcd9385_firmware |
| qualcomm | wcd9385 |
| qualcomm | wcd9390_firmware |
| qualcomm | wcd9390 |
| qualcomm | wcd9395_firmware |
| qualcomm | wcd9395 |
| qualcomm | wcn3950_firmware |
| qualcomm | wcn3950 |
| qualcomm | wcn3988_firmware |
| qualcomm | wcn3988 |
| qualcomm | wcn6450_firmware |
| qualcomm | wcn6450 |
| qualcomm | wcn6650_firmware |
| qualcomm | wcn6650 |
| qualcomm | wcn6755_firmware |
| qualcomm | wcn6755 |
| qualcomm | wcn7861_firmware |
| qualcomm | wcn7861 |
| qualcomm | wcn7881_firmware |
| qualcomm | wcn7881 |
| qualcomm | wsa8810_firmware |
| qualcomm | wsa8810 |
| qualcomm | wsa8815_firmware |
| qualcomm | wsa8815 |
| qualcomm | wsa8830_firmware |
| qualcomm | wsa8830 |
| qualcomm | wsa8832_firmware |
| qualcomm | wsa8832 |
| qualcomm | wsa8835_firmware |
| qualcomm | wsa8835 |
| qualcomm | wsa8840_firmware |
| qualcomm | wsa8840 |
| qualcomm | wsa8845_firmware |
| qualcomm | wsa8845 |
| qualcomm | wsa8845h_firmware |
| qualcomm | wsa8845h |
References
Frequently Asked Questions
What is CVE-2025-21480? +
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. It has a CVSS v3.1 base score of 8.6 (HIGH). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
How severe is CVE-2025-21480? +
CVE-2025-21480 has a CVSS v3.1 score of 8.6 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.
What products are affected by CVE-2025-21480? +
CVE-2025-21480 affects products from qualcomm, specifically: aqt1000, aqt1000_firmware, fastconnect_6200, fastconnect_6200_firmware, fastconnect_6700, fastconnect_6700_firmware, fastconnect_6800, fastconnect_6800_firmware, fastconnect_6900, fastconnect_6900_firmware, fastconnect_7800, fastconnect_7800_firmware, qca6391, qca6391_firmware, qcm4490, qcm4490_firmware, qcs4490, qcs4490_firmware, sc8380xp, sc8380xp_firmware, sd855, sd855_firmware, sm4635, sm4635_firmware, sm6250, sm6250_firmware, sm6650, sm6650_firmware, sm6650p, sm6650p_firmware, sm7325p, sm7325p_firmware, sm7635, sm7635_firmware, sm7675, sm7675_firmware, sm7675p, sm7675p_firmware, sm8550p, sm8550p_firmware, sm8635, sm8635_firmware, sm8635p, sm8635p_firmware, sm8650q, sm8650q_firmware, snapdragon_460_mobile_platform, snapdragon_460_mobile_platform_firmware, snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\), snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware, snapdragon_480_5g_mobile_platform, snapdragon_480_5g_mobile_platform_firmware, snapdragon_4_gen_1_mobile_platform, snapdragon_4_gen_1_mobile_platform_firmware, snapdragon_662_mobile_platform, snapdragon_662_mobile_platform_firmware, snapdragon_680_4g_mobile_platform, snapdragon_680_4g_mobile_platform_firmware, snapdragon_685_4g_mobile_platform_\(sm6225-ad\), snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware, snapdragon_690_5g_mobile_platform, snapdragon_690_5g_mobile_platform_firmware, snapdragon_695_5g_mobile_platform, snapdragon_695_5g_mobile_platform_firmware, snapdragon_720g_mobile_platform, snapdragon_720g_mobile_platform_firmware, snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\), snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware, snapdragon_778g_5g_mobile_platform, snapdragon_778g_5g_mobile_platform_firmware, snapdragon_782g_mobile_platform_\(sm7325-af\), snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware, snapdragon_7c\+_gen_3_compute, snapdragon_7c\+_gen_3_compute_firmware, snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\), snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware, snapdragon_855_mobile_platform, snapdragon_855_mobile_platform_firmware, snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\), snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware, snapdragon_865_5g_mobile_platform, snapdragon_865_5g_mobile_platform_firmware, snapdragon_870_5g_mobile_platform_\(sm8250-ac\), snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware, snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\), snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware, snapdragon_888_5g_mobile_platform, snapdragon_888_5g_mobile_platform_firmware, snapdragon_8\+_gen_2_mobile_platform, snapdragon_8\+_gen_2_mobile_platform_firmware, snapdragon_8_gen_2_mobile_platform, snapdragon_8_gen_2_mobile_platform_firmware, snapdragon_8_gen_3_mobile_platform, snapdragon_8_gen_3_mobile_platform_firmware, snapdragon_ar1_gen_1, snapdragon_ar1_gen_1_firmware, snapdragon_ar1_gen_1_platform_\"luna1\", snapdragon_ar1_gen_1_platform_\"luna1\"_firmware, snapdragon_x55_5g_modem-rf_system, snapdragon_x55_5g_modem-rf_system_firmware, sxr2230p, sxr2230p_firmware, sxr2250p, sxr2250p_firmware, sxr2330p, sxr2330p_firmware, wcd9341, wcd9341_firmware, wcd9370, wcd9370_firmware, wcd9375, wcd9375_firmware, wcd9378, wcd9378_firmware, wcd9380, wcd9380_firmware, wcd9385, wcd9385_firmware, wcd9390, wcd9390_firmware, wcd9395, wcd9395_firmware, wcn3950, wcn3950_firmware, wcn3988, wcn3988_firmware, wcn6450, wcn6450_firmware, wcn6650, wcn6650_firmware, wcn6755, wcn6755_firmware, wcn7861, wcn7861_firmware, wcn7881, wcn7881_firmware, wsa8810, wsa8810_firmware, wsa8815, wsa8815_firmware, wsa8830, wsa8830_firmware, wsa8832, wsa8832_firmware, wsa8835, wsa8835_firmware, wsa8840, wsa8840_firmware, wsa8845, wsa8845_firmware, wsa8845h, wsa8845h_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2025-21480? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.
Related Vulnerabilities
CVE-2026-40166
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at …
CVE-2026-42571
Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to …
CVE-2026-42137
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, `pages.access/list` and `files.access/list` permissions are not consistently …
CVE-2026-42160
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 …
CVE-2026-44838
RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using …
CVE-2025-24479
A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default …