Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0750
Vulnerability from certfr_avis - Published: 2025-09-03 - Updated: 2025-09-03
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Google indique que les vulnérabilités CVE-2025-38352 et CVE-2025-48543 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Android versions ant\u00e9rieures \u00e0 13, 14, 15 et 16 avant le correctif du 2 septembre 2025",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-48534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48534"
},
{
"name": "CVE-2025-47326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47326"
},
{
"name": "CVE-2025-48531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48531"
},
{
"name": "CVE-2025-32323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32323"
},
{
"name": "CVE-2025-21487",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21487"
},
{
"name": "CVE-2025-48544",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48544"
},
{
"name": "CVE-2025-27065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27065"
},
{
"name": "CVE-2025-48541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48541"
},
{
"name": "CVE-2025-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3212"
},
{
"name": "CVE-2025-47328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47328"
},
{
"name": "CVE-2025-21433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21433"
},
{
"name": "CVE-2025-27034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27034"
},
{
"name": "CVE-2025-8109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8109"
},
{
"name": "CVE-2025-21481",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21481"
},
{
"name": "CVE-2025-48535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48535"
},
{
"name": "CVE-2025-48527",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48527"
},
{
"name": "CVE-2025-27032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27032"
},
{
"name": "CVE-2025-48539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48539"
},
{
"name": "CVE-2025-48540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48540"
},
{
"name": "CVE-2025-47317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47317"
},
{
"name": "CVE-2025-32333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32333"
},
{
"name": "CVE-2025-21465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21465"
},
{
"name": "CVE-2025-25180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25180"
},
{
"name": "CVE-2025-48563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48563"
},
{
"name": "CVE-2025-48526",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48526"
},
{
"name": "CVE-2025-27052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27052"
},
{
"name": "CVE-2025-48538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48538"
},
{
"name": "CVE-2025-20703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20703"
},
{
"name": "CVE-2025-21482",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21482"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2024-7881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7881"
},
{
"name": "CVE-2025-48556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48556"
},
{
"name": "CVE-2025-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27043"
},
{
"name": "CVE-2025-21464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21464"
},
{
"name": "CVE-2025-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20696"
},
{
"name": "CVE-2025-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21449"
},
{
"name": "CVE-2025-0076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0076"
},
{
"name": "CVE-2025-1246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1246"
},
{
"name": "CVE-2025-26454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26454"
},
{
"name": "CVE-2025-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21427"
},
{
"name": "CVE-2025-32347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32347"
},
{
"name": "CVE-2025-47329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47329"
},
{
"name": "CVE-2025-21483",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21483"
},
{
"name": "CVE-2025-21446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21446"
},
{
"name": "CVE-2025-32325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32325"
},
{
"name": "CVE-2025-25179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25179"
},
{
"name": "CVE-2021-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39810"
},
{
"name": "CVE-2025-48528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48528"
},
{
"name": "CVE-2025-32349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32349"
},
{
"name": "CVE-2025-32345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32345"
},
{
"name": "CVE-2025-48524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48524"
},
{
"name": "CVE-2025-21432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21432"
},
{
"name": "CVE-2025-48542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48542"
},
{
"name": "CVE-2025-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48522"
},
{
"name": "CVE-2025-32331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32331"
},
{
"name": "CVE-2025-48546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48546"
},
{
"name": "CVE-2025-48581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48581"
},
{
"name": "CVE-2025-48551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48551"
},
{
"name": "CVE-2025-27061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27061"
},
{
"name": "CVE-2024-49714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49714"
},
{
"name": "CVE-2025-48547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48547"
},
{
"name": "CVE-2025-48537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48537"
},
{
"name": "CVE-2025-0467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0467"
},
{
"name": "CVE-2025-46708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46708"
},
{
"name": "CVE-2025-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47318"
},
{
"name": "CVE-2025-21450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21450"
},
{
"name": "CVE-2025-48550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48550"
},
{
"name": "CVE-2025-021701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-021701"
},
{
"name": "CVE-2025-48561",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48561"
},
{
"name": "CVE-2025-48553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48553"
},
{
"name": "CVE-2025-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27042"
},
{
"name": "CVE-2025-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48554"
},
{
"name": "CVE-2025-48549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48549"
},
{
"name": "CVE-2025-21477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21477"
},
{
"name": "CVE-2025-48529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48529"
},
{
"name": "CVE-2025-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46710"
},
{
"name": "CVE-2025-32327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32327"
},
{
"name": "CVE-2024-47899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47899"
},
{
"name": "CVE-2025-32332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32332"
},
{
"name": "CVE-2025-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48560"
},
{
"name": "CVE-2025-48559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48559"
},
{
"name": "CVE-2025-1706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1706"
},
{
"name": "CVE-2025-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0089"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2025-32330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32330"
},
{
"name": "CVE-2025-32326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32326"
},
{
"name": "CVE-2025-27056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27056"
},
{
"name": "CVE-2025-21488",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21488"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32324"
},
{
"name": "CVE-2025-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27057"
},
{
"name": "CVE-2025-48532",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48532"
},
{
"name": "CVE-2025-27066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27066"
},
{
"name": "CVE-2025-48552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48552"
},
{
"name": "CVE-2024-47898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47898"
},
{
"name": "CVE-2025-48545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48545"
},
{
"name": "CVE-2025-27073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27073"
},
{
"name": "CVE-2025-32350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32350"
},
{
"name": "CVE-2025-21484",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21484"
},
{
"name": "CVE-2025-48523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48523"
},
{
"name": "CVE-2025-48543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48543"
},
{
"name": "CVE-2025-48562",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48562"
},
{
"name": "CVE-2025-32321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32321"
},
{
"name": "CVE-2025-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26464"
},
{
"name": "CVE-2025-32346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32346"
},
{
"name": "CVE-2025-20704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20704"
},
{
"name": "CVE-2025-48548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48548"
},
{
"name": "CVE-2025-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21454"
},
{
"name": "CVE-2025-46707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46707"
},
{
"name": "CVE-2025-20708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20708"
},
{
"name": "CVE-2025-48558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48558"
}
],
"initial_release_date": "2025-09-03T00:00:00",
"last_revision_date": "2025-09-03T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0750",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nGoogle indique que les vuln\u00e9rabilit\u00e9s CVE-2025-38352 et CVE-2025-48543 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 Google Android",
"url": "https://source.android.com/docs/security/bulletin/2025-09-01?hl=fr"
}
]
}
CVE-2025-47326 (GCVE-0-2025-47326)
Vulnerability from cvelistv5 – Published: 2025-09-24 15:33 – Updated: 2025-09-25 18:34
VLAI
EPSS
Title
Buffer Over-read in WLAN HAL
Summary
Transient DOS while handling command data during power control processing.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8035
Affected: CSR8811 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Immersive Home 214 Platform Affected: Immersive Home 216 Platform Affected: Immersive Home 316 Platform Affected: Immersive Home 318 Platform Affected: Immersive Home 3210 Platform Affected: Immersive Home 326 Platform Affected: IPQ5010 Affected: IPQ5028 Affected: IPQ5300 Affected: IPQ5302 Affected: IPQ5312 Affected: IPQ5332 Affected: IPQ5424 Affected: IPQ6000 Affected: IPQ6010 Affected: IPQ6018 Affected: IPQ6028 Affected: IPQ8070A Affected: IPQ8071A Affected: IPQ8072A Affected: IPQ8074A Affected: IPQ8076 Affected: IPQ8076A Affected: IPQ8078 Affected: IPQ8078A Affected: IPQ8173 Affected: IPQ8174 Affected: IPQ9008 Affected: IPQ9048 Affected: IPQ9554 Affected: IPQ9570 Affected: IPQ9574 Affected: QCA0000 Affected: QCA4024 Affected: QCA8075 Affected: QCA8080 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8101 Affected: QCA8102 Affected: QCA8111 Affected: QCA8112 Affected: QCA8337 Affected: QCA8384 Affected: QCA8385 Affected: QCA8386 Affected: QCA9888 Affected: QCA9889 Affected: QCC710 Affected: QCF8000 Affected: QCF8000SFP Affected: QCF8001 Affected: QCN5022 Affected: QCN5024 Affected: QCN5052 Affected: QCN5122 Affected: QCN5124 Affected: QCN5152 Affected: QCN5154 Affected: QCN5164 Affected: QCN5224 Affected: QCN6023 Affected: QCN6024 Affected: QCN6112 Affected: QCN6122 Affected: QCN6132 Affected: QCN6224 Affected: QCN6274 Affected: QCN6402 Affected: QCN6412 Affected: QCN6422 Affected: QCN6432 Affected: QCN9000 Affected: QCN9012 Affected: QCN9022 Affected: QCN9024 Affected: QCN9070 Affected: QCN9072 Affected: QCN9074 Affected: QCN9100 Affected: QCN9160 Affected: QCN9274 Affected: QFW7114 Affected: QFW7124 Affected: QMP1000 Affected: QXM8083 Affected: SDX55 Affected: SDX65M Affected: SM6650 Affected: SM6650P Affected: SM7635 Affected: SM7635P Affected: SM8735 Affected: SM8750 Affected: SM8750P Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: SW-only Affected: WCD9340 Affected: WCD9378 Affected: WCD9395 Affected: WCN6650 Affected: WCN6755 Affected: WCN7750 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T18:34:06.335751Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T18:34:13.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon CCW",
"Snapdragon Industrial IOT",
"Snapdragon MC",
"Snapdragon Mobile",
"Snapdragon WBC",
"Snapdragon Wired Infrastructure and Networking"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSR8811"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "Immersive Home 214 Platform"
},
{
"status": "affected",
"version": "Immersive Home 216 Platform"
},
{
"status": "affected",
"version": "Immersive Home 316 Platform"
},
{
"status": "affected",
"version": "Immersive Home 318 Platform"
},
{
"status": "affected",
"version": "Immersive Home 3210 Platform"
},
{
"status": "affected",
"version": "Immersive Home 326 Platform"
},
{
"status": "affected",
"version": "IPQ5010"
},
{
"status": "affected",
"version": "IPQ5028"
},
{
"status": "affected",
"version": "IPQ5300"
},
{
"status": "affected",
"version": "IPQ5302"
},
{
"status": "affected",
"version": "IPQ5312"
},
{
"status": "affected",
"version": "IPQ5332"
},
{
"status": "affected",
"version": "IPQ5424"
},
{
"status": "affected",
"version": "IPQ6000"
},
{
"status": "affected",
"version": "IPQ6010"
},
{
"status": "affected",
"version": "IPQ6018"
},
{
"status": "affected",
"version": "IPQ6028"
},
{
"status": "affected",
"version": "IPQ8070A"
},
{
"status": "affected",
"version": "IPQ8071A"
},
{
"status": "affected",
"version": "IPQ8072A"
},
{
"status": "affected",
"version": "IPQ8074A"
},
{
"status": "affected",
"version": "IPQ8076"
},
{
"status": "affected",
"version": "IPQ8076A"
},
{
"status": "affected",
"version": "IPQ8078"
},
{
"status": "affected",
"version": "IPQ8078A"
},
{
"status": "affected",
"version": "IPQ8173"
},
{
"status": "affected",
"version": "IPQ8174"
},
{
"status": "affected",
"version": "IPQ9008"
},
{
"status": "affected",
"version": "IPQ9048"
},
{
"status": "affected",
"version": "IPQ9554"
},
{
"status": "affected",
"version": "IPQ9570"
},
{
"status": "affected",
"version": "IPQ9574"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA4024"
},
{
"status": "affected",
"version": "QCA8075"
},
{
"status": "affected",
"version": "QCA8080"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8082"
},
{
"status": "affected",
"version": "QCA8084"
},
{
"status": "affected",
"version": "QCA8085"
},
{
"status": "affected",
"version": "QCA8101"
},
{
"status": "affected",
"version": "QCA8102"
},
{
"status": "affected",
"version": "QCA8111"
},
{
"status": "affected",
"version": "QCA8112"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA8384"
},
{
"status": "affected",
"version": "QCA8385"
},
{
"status": "affected",
"version": "QCA8386"
},
{
"status": "affected",
"version": "QCA9888"
},
{
"status": "affected",
"version": "QCA9889"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCF8000"
},
{
"status": "affected",
"version": "QCF8000SFP"
},
{
"status": "affected",
"version": "QCF8001"
},
{
"status": "affected",
"version": "QCN5022"
},
{
"status": "affected",
"version": "QCN5024"
},
{
"status": "affected",
"version": "QCN5052"
},
{
"status": "affected",
"version": "QCN5122"
},
{
"status": "affected",
"version": "QCN5124"
},
{
"status": "affected",
"version": "QCN5152"
},
{
"status": "affected",
"version": "QCN5154"
},
{
"status": "affected",
"version": "QCN5164"
},
{
"status": "affected",
"version": "QCN5224"
},
{
"status": "affected",
"version": "QCN6023"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN6112"
},
{
"status": "affected",
"version": "QCN6122"
},
{
"status": "affected",
"version": "QCN6132"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN6402"
},
{
"status": "affected",
"version": "QCN6412"
},
{
"status": "affected",
"version": "QCN6422"
},
{
"status": "affected",
"version": "QCN6432"
},
{
"status": "affected",
"version": "QCN9000"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9022"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCN9070"
},
{
"status": "affected",
"version": "QCN9072"
},
{
"status": "affected",
"version": "QCN9074"
},
{
"status": "affected",
"version": "QCN9100"
},
{
"status": "affected",
"version": "QCN9160"
},
{
"status": "affected",
"version": "QCN9274"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QXM8083"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX65M"
},
{
"status": "affected",
"version": "SM6650"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7635"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM8735"
},
{
"status": "affected",
"version": "SM8750"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon X65 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "SW-only"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7750"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS while handling command data during power control processing."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T15:33:52.473Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html"
}
],
"title": "Buffer Over-read in WLAN HAL"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-47326",
"datePublished": "2025-09-24T15:33:52.473Z",
"dateReserved": "2025-05-06T08:33:16.261Z",
"dateUpdated": "2025-09-25T18:34:13.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47328 (GCVE-0-2025-47328)
Vulnerability from cvelistv5 – Published: 2025-09-24 15:33 – Updated: 2025-09-25 18:34
VLAI
EPSS
Title
Buffer Over-read in WLAN HAL
Summary
Transient DOS while processing power control requests with invalid antenna or stream values.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
FastConnect 7800
Affected: Immersive Home 3210 Platform Affected: Immersive Home 326 Platform Affected: IPQ5300 Affected: IPQ5302 Affected: IPQ5312 Affected: IPQ5332 Affected: IPQ5424 Affected: IPQ9008 Affected: IPQ9048 Affected: IPQ9554 Affected: IPQ9570 Affected: IPQ9574 Affected: QCA0000 Affected: QCA8075 Affected: QCA8080 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8101 Affected: QCA8102 Affected: QCA8111 Affected: QCA8112 Affected: QCA8384 Affected: QCA8385 Affected: QCA8386 Affected: QCC710 Affected: QCF8000 Affected: QCF8001 Affected: QCN5124 Affected: QCN5224 Affected: QCN6224 Affected: QCN6274 Affected: QCN6402 Affected: QCN6412 Affected: QCN6422 Affected: QCN6432 Affected: QCN9000 Affected: QCN9012 Affected: QCN9024 Affected: QCN9074 Affected: QCN9160 Affected: QCN9274 Affected: QFW7114 Affected: QFW7124 Affected: QMP1000 Affected: QXM8083 Affected: SM8735 Affected: SM8750 Affected: SM8750P Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: SW-only Affected: WCD9340 Affected: WCD9378 Affected: WCD9395 Affected: WCN7750 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T18:34:29.720108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T18:34:37.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon CCW",
"Snapdragon MC",
"Snapdragon Mobile",
"Snapdragon WBC",
"Snapdragon Wired Infrastructure and Networking"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "Immersive Home 3210 Platform"
},
{
"status": "affected",
"version": "Immersive Home 326 Platform"
},
{
"status": "affected",
"version": "IPQ5300"
},
{
"status": "affected",
"version": "IPQ5302"
},
{
"status": "affected",
"version": "IPQ5312"
},
{
"status": "affected",
"version": "IPQ5332"
},
{
"status": "affected",
"version": "IPQ5424"
},
{
"status": "affected",
"version": "IPQ9008"
},
{
"status": "affected",
"version": "IPQ9048"
},
{
"status": "affected",
"version": "IPQ9554"
},
{
"status": "affected",
"version": "IPQ9570"
},
{
"status": "affected",
"version": "IPQ9574"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA8075"
},
{
"status": "affected",
"version": "QCA8080"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8082"
},
{
"status": "affected",
"version": "QCA8084"
},
{
"status": "affected",
"version": "QCA8085"
},
{
"status": "affected",
"version": "QCA8101"
},
{
"status": "affected",
"version": "QCA8102"
},
{
"status": "affected",
"version": "QCA8111"
},
{
"status": "affected",
"version": "QCA8112"
},
{
"status": "affected",
"version": "QCA8384"
},
{
"status": "affected",
"version": "QCA8385"
},
{
"status": "affected",
"version": "QCA8386"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCF8000"
},
{
"status": "affected",
"version": "QCF8001"
},
{
"status": "affected",
"version": "QCN5124"
},
{
"status": "affected",
"version": "QCN5224"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN6402"
},
{
"status": "affected",
"version": "QCN6412"
},
{
"status": "affected",
"version": "QCN6422"
},
{
"status": "affected",
"version": "QCN6432"
},
{
"status": "affected",
"version": "QCN9000"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCN9074"
},
{
"status": "affected",
"version": "QCN9160"
},
{
"status": "affected",
"version": "QCN9274"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QXM8083"
},
{
"status": "affected",
"version": "SM8735"
},
{
"status": "affected",
"version": "SM8750"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "SW-only"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN7750"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS while processing power control requests with invalid antenna or stream values."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T15:33:54.999Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html"
}
],
"title": "Buffer Over-read in WLAN HAL"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-47328",
"datePublished": "2025-09-24T15:33:54.999Z",
"dateReserved": "2025-05-06T08:33:16.261Z",
"dateUpdated": "2025-09-25T18:34:37.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47329 (GCVE-0-2025-47329)
Vulnerability from cvelistv5 – Published: 2025-09-24 15:33 – Updated: 2026-02-26 17:48
VLAI
EPSS
Title
Release of Invalid Pointer or Reference in Android Core
Summary
Memory corruption while handling invalid inputs in application info setup.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-763 - Release of Invalid Pointer or Reference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
FastConnect 7800
Affected: QAM8255P Affected: QAM8775P Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCM6690 Affected: QCS6690 Affected: SA6155P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8770P Affected: SA8775P Affected: SA9000P Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon AR1 Gen 1 Platform "Luna1" Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: SW5100 Affected: SW5100P Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN6450 Affected: WCN6755 Affected: WCN7861 Affected: WCN7881 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T03:55:45.504655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:48:08.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8775P"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCM6690"
},
{
"status": "affected",
"version": "QCS6690"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8770P"
},
{
"status": "affected",
"version": "SA8775P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform \"Luna1\""
},
{
"status": "affected",
"version": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN6450"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption while handling invalid inputs in application info setup."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-763",
"description": "CWE-763: Release of Invalid Pointer or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T15:33:56.356Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html"
}
],
"title": "Release of Invalid Pointer or Reference in Android Core"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-47329",
"datePublished": "2025-09-24T15:33:56.356Z",
"dateReserved": "2025-05-06T08:33:16.261Z",
"dateUpdated": "2026-02-26T17:48:08.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48522 (GCVE-0-2025-48522)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2026-02-26 17:49
VLAI
EPSS
Summary
In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM association due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-693 - Protection Mechanism Failure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48522",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-06T03:56:08.815801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:22.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM association due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:04.810Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bdad29b85a6ca7c55a697e4e66356b744ef6cdb9"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48522",
"datePublished": "2025-09-04T18:34:04.810Z",
"dateReserved": "2025-05-22T18:10:57.281Z",
"dateUpdated": "2026-02-26T17:49:22.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48523 (GCVE-0-2025-48523)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2026-02-26 17:49
VLAI
EPSS
Summary
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-06T03:56:04.791812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:22.362Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:05.838Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Contacts/+/7c8dbcffbc9382fcdb788919106c3b0525db83ab"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48523",
"datePublished": "2025-09-04T18:34:05.838Z",
"dateReserved": "2025-05-22T18:10:57.281Z",
"dateUpdated": "2026-02-26T17:49:22.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48524 (GCVE-0-2025-48524)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2025-09-05 17:23
VLAI
EPSS
Summary
In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Denial of service
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48524",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T16:01:00.805012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T17:23:17.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:06.885Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/298745e0cb23cbef631aff1977b284155384bbf0"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48524",
"datePublished": "2025-09-04T18:34:06.885Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2025-09-05T17:23:17.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48526 (GCVE-0-2025-48526)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2026-02-26 17:49
VLAI
EPSS
Summary
In createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to launch the ChooserActivity in another profile due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-06T03:56:12.048428Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:21.995Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to launch the ChooserActivity in another profile due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:07.920Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/IntentResolver/+/923a5673ac9d4b366097a8912a04e40e85111ed4"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48526",
"datePublished": "2025-09-04T18:34:07.920Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2026-02-26T17:49:21.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48527 (GCVE-0-2025-48527)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2025-09-05 15:08
VLAI
EPSS
Summary
In multiple locations, there is a possible way to leak hidden work profile notifications due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
6.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T15:07:39.502677Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T15:08:36.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In multiple locations, there is a possible way to leak hidden work profile notifications due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:09.061Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/d8b1de7a18fc6a469c2d191ff9a0771f5d104fe4"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48527",
"datePublished": "2025-09-04T18:34:09.061Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2025-09-05T15:08:36.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48528 (GCVE-0-2025-48528)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2026-02-26 17:49
VLAI
EPSS
Summary
In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-06T03:55:48.430948Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:21.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:10.219Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/ca71b9a63c40ef3fa741c76a2835146283fbb69a"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48528",
"datePublished": "2025-09-04T18:34:10.219Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2026-02-26T17:49:21.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48529 (GCVE-0-2025-48529)
Vulnerability from cvelistv5 – Published: 2025-09-04 18:34 – Updated: 2025-09-04 20:27
VLAI
EPSS
Summary
In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T20:27:54.929920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:27:57.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:11.346Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/e5cdca27526f5c2c358880538c7a15d8d5d5dd6d"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48529",
"datePublished": "2025-09-04T18:34:11.346Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2025-09-04T20:27:57.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…