CVE-2025-21479
Published: 03 June 2025
Summary
CVE-2025-21479 is a high-severity Incorrect Authorization (CWE-863) vulnerability in Qualcomm Aqt1000 Firmware. Its CVSS base score is 8.6 (High).
Operationally, it ranks at the 35.4th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-21479 is a memory corruption vulnerability caused by unauthorized command execution in the GPU micronode when a specific sequence of commands is processed. The flaw is tracked under CWE-863 (incorrect authorization) and affects Qualcomm GPU components, as referenced in the vendor's June 2025 security bulletin.
An attacker can exploit the issue locally with no privileges required; the only precondition is user interaction. Exploitation produces a scope change with high impact to confidentiality, integrity, and availability. Successful exploitation can allow an adversary to corrupt memory and execute arbitrary commands within the affected GPU environment.
The Qualcomm security bulletin and CISA's Known Exploited Vulnerabilities catalog both list the CVE, indicating that patches are available through Qualcomm's standard firmware and driver update channels and that organizations should apply them promptly.
CISA's inclusion of the vulnerability in its actively exploited catalog signals confirmed real-world exploitation, even though the current EPSS score remains low at 0.0015.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-16710
Vulnerability details
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
- CWE(s): CWE-863
- KEV Date Added: 03 June 2025
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- Directly enforces authorization checks on commands sent to the GPU micronode, blocking the unauthorized execution path that triggers memory corruption.
- Applies hardware or software memory protection mechanisms that would contain or prevent the corruption resulting from the bypassed command sequence.
- Requires validation of command sequences before GPU micronode execution, mitigating the crafted-input vector that bypasses authorization.