CVE-2025-21427
Published: 08 July 2025
Summary
CVE-2025-21427 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Sa4150P Firmware. Its CVSS base score is 8.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 44.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly addresses the buffer over-read vulnerability in the RTP decoder by applying Qualcomm patches from the security bulletin.
Memory protection mechanisms like ASLR and stack canaries prevent exploitation of the out-of-bounds read in RTP payload decoding.
Information input validation ensures RTP packet payloads are checked for proper length and structure before decoding to avoid triggering the buffer over-read.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated network exploit of RTP decoder in Qualcomm UE for info disclosure directly matches T1190 Exploit Public-Facing Application.
NVD Description
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Deeper analysisAI
CVE-2025-21427 is an information disclosure vulnerability that occurs while decoding RTP packet payloads when User Equipment (UE) receives RTP packets from the network. It is associated with CWE-126 (Buffer Over-read) and CWE-125 (Out-of-bounds Read), earning a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L). The vulnerability affects components in Qualcomm products, as detailed in their security advisories.
The vulnerability can be exploited by a remote attacker with network access who sends a specially crafted RTP packet to the targeted UE. No authentication or user interaction is required, and exploitation has low complexity. Successful exploitation results in high-impact confidentiality loss through information disclosure, along with low-impact availability disruption.
Mitigation guidance is provided in the Qualcomm July 2025 Security Bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html. Security practitioners should consult this advisory for affected products, patch availability, and recommended remediation steps.
Details
- CWE(s)