PULSE
LIVE18signals / 24h
FEED
ransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Services
← All CVEs
CVE Watch

CVE-2025-21480

Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability

CVSS

No CVSS

EPSS

0.4%

p35

KEV

YES

Jun 3, 2025

Exploit Today

61

0-100

Published: · Last modified:

EPSS · 30d
0.4%EPSS · 30 days0.4%
2026-06-302026-07-17
KEV catalog record

Product

Qualcomm / Multiple Chipsets

Vulnerability

Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability

Added to KEV

Jun 3, 2025

Remediate by

Jun 24, 2025

Known ransomware use

No

Summary description

Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Notes

Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-21480

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-1905
63.3%
KEV69Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2026-21385
61.0%
KEV68Qualcomm Multiple Chipsets Memory Corruption Vulnerability
CVE-2023-33107
55.4%
KEV67Qualcomm Multiple Chipsets Integer Overflow Vulnerability
CVE-2023-33106
54.2%
KEV66Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
CVE-2025-27038
53.5%
KEV66Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2025-21479
51.7%
KEV66Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability