Cyber Posture

CVE-2025-59600

High

Published: 02 March 2026
Modified: 03 March 2026
KEV Added
Patch
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0002 (4.3th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-59600 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Fastconnect 6200 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 4.3th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068).

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

Directly requires validation of user-supplied data inputs to ensure they do not exceed available buffer space, preventing the memory corruption.

prevent

Implements memory safeguards like stack canaries, ASLR, and DEP to protect against exploitation of buffer overflows even if input validation fails.

prevent

Mandates identification, reporting, and patching of flaws like this buffer overflow vulnerability in Qualcomm components.

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (Tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Local memory corruption (buffer overflow) in Qualcomm components directly enables local privilege escalation via exploitation of a privileged process/driver.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Memory Corruption when adding user-supplied data without checking available buffer space.

Deeper analysis (AI)

CVE-2025-59600 is a memory corruption vulnerability (CWE-126) that arises when user-supplied data is added without checking available buffer space. It affects components within Qualcomm products, as documented in the vendor's security bulletin.

The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). A local attacker with low privileges can exploit it through low-complexity means without requiring user interaction, potentially achieving high impacts on confidentiality, integrity, and availability.

Qualcomm's March 2026 security bulletin provides details on affected products, patches, and mitigation guidance, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html.

Details

CWE(s)

Affected Products

qualcomm · fastconnect 6200 firmware · all versions
qualcomm · fastconnect 6700 firmware · all versions
qualcomm · fastconnect 6900 firmware · all versions
qualcomm · fastconnect 7800 firmware · all versions
qualcomm · g1 gen 1 firmware · all versions
qualcomm · g2 gen 1 firmware · all versions
qualcomm · iq-615 firmware · all versions
qualcomm · iq-8275 firmware · all versions
qualcomm · iq-8300 firmware · all versions
qualcomm · iq-9075 firmware · all versions
+154 more product configuration(s) — see NVD for full list

CVEs Like This One

CVE-2026-21385 · Same product: Qualcomm Ar8031
CVE-2026-21378 · Same product: Qualcomm Fastconnect 6200
CVE-2025-47373 · Same product: Qualcomm Ar8035
CVE-2026-21374 · Same product: Qualcomm Fastconnect 6200
CVE-2026-21376 · Same product: Qualcomm Fastconnect 6200
CVE-2026-21373 · Same product: Qualcomm Fastconnect 6200
CVE-2026-21371 · Same product: Qualcomm Fastconnect 6200
CVE-2026-21375 · Same product: Qualcomm Fastconnect 6700
CVE-2025-47389 · Same product: Qualcomm Ar8035
CVE-2025-47390 · Same product: Qualcomm Fastconnect 6700
