CVE-2026-25293
Published: 04 May 2026
Summary
CVE-2026-25293 is a critical-severity Incorrect Authorization (CWE-863) vulnerability in Qualcomm Qca7005 Firmware. Its CVSS base score is 9.6 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 7.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-25293 is a buffer overflow vulnerability caused by incorrect authorization, mapped to CWE-863, affecting PLC firmware. Published on 2026-05-04, it carries a CVSS v3.1 base score of 9.6, indicating critical severity.
An unauthenticated attacker on an adjacent network can exploit the vulnerability with low attack complexity and no user interaction required. Exploitation grants high impacts across confidentiality, integrity, and availability, with a changed scope that enables severe compromise such as arbitrary code execution on the affected PLC firmware.
Qualcomm's May 2026 security bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html, details mitigation strategies and available patches for addressing this issue.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-26992
Vulnerability details
Buffer overflow due to incorrect authorization in PLC FW
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow with missing authorization in network-exposed PLC firmware directly enables remote unauthenticated RCE from an adjacent network, matching the definition and examples of T1210 Exploitation of Remote Services.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the buffer overflow vulnerability in PLC firmware by applying vendor patches as specified in Qualcomm's security bulletin.
Validates information inputs to prevent buffer overflows triggered by unauthenticated requests due to incorrect authorization.
Enforces approved authorizations to mitigate exploitation arising from incorrect authorization logic in the PLC firmware.