CVE-2025-21439: Out-of-bounds Read in Windows WLAN Host

7.8 CVSS

Description

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.

Classification

CVE ID: CVE-2025-21439

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem Types

CWE-787: Out-of-bounds Write

Affected Products

Vendor: Qualcomm, Inc.

Product: Snapdragon

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 2.59% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-04-22 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-21439
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html

Timeline