CVE-2025-21479: Incorrect Authorization in Graphics

8.6 CVSS

Description

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

🚨 Marked as known exploited on June 3rd, 2025 (3 days ago).

CVSS Base Severity: HIGH

CVSS Base Score: 8.6

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vendor: Qualcomm, Inc.

Product: Snapdragon

EPSS Score: 3.15% (probability of being exploited)

EPSS Percentile: 86.26% (scored less or equal to compared to others)

EPSS Date: 2025-06-05 (when was this score calculated)

2025-06-02 15:15:29 UTC
TheHackerNews

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
2025-06-02 19:45:14 UTC
CyberInsider

Android Fixes Actively Exploited Zero-Days in Qualcomm Components
2025-06-03 07:40:08 UTC
CVE

Incorrect Authorization in Graphics
2025-06-03 17:15:13 UTC
CISA KEV

Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
2025-06-03 17:16:13 UTC
🚨 Marked as Known Exploited