CVE-2025-21479 [Exploited] | Qualcomm AQT1000 FIRMWARE

CVE-2025-21479 is rated Active Exploitation (71.9/100): CVSS High severity, with low exploitation likelihood (EPSS 0.15%). CISA KEV confirms active exploitation (added 2025-06-03) affecting Qualcomm / Multiple Chipsets. a weakness (CWE-863) Unauthenticated remote administrative access may be possible. The CISA remediation deadline has passed—treat as an emergency patch priority.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-03-30	0.07%	0.15%	+0.08%
2	2025-11-21	2.42%	0.07%	-2.35%
3	2025-11-18	—	2.42%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-03-30

0.07%

0.15%

+0.08%

2025-11-21

2.42%

0.07%

-2.35%

2025-11-18

—

2.42%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
8.6	3.1	HIGH	`CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:R) A real person has to do something—click, install, enable—otherwise it doesn’t land. Scope (S:C) Breaking this can reach past the original component and bite other resources—bigger blast radius. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.8	6.0	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

8.6

3.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R): A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:C): Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.8

6.0

[email protected]

Affected software / configurations for CVE-2025-21479

Vendor	Product	Version	Raw CPE
qualcomm	aqt1000_firmware	—	cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::*
qualcomm	fastconnect_6200_firmware	—	cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:::::::*
qualcomm	fastconnect_6700_firmware	—	cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:::::::*
qualcomm	fastconnect_6900_firmware	—	cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::*
qualcomm	fastconnect_7800_firmware	—	cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::*
qualcomm	fastconnect_6800_firmware	—	cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:::::::*
qualcomm	qca6391_firmware	—	cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::*
qualcomm	qcm4490_firmware	—	cpe:2.3:o:qualcomm:qcm4490_firmware:-:::::::*
qualcomm	qcs4490_firmware	—	cpe:2.3:o:qualcomm:qcs4490_firmware:-:::::::*
qualcomm	sd855_firmware	—	cpe:2.3:o:qualcomm:sd855_firmware:-:::::::*
qualcomm	sm4635_firmware	—	cpe:2.3:o:qualcomm:sm4635_firmware:-:::::::*
qualcomm	sm6250_firmware	—	cpe:2.3:o:qualcomm:sm6250_firmware:-:::::::*
qualcomm	sm6650_firmware	—	cpe:2.3:o:qualcomm:sm6650_firmware:-:::::::*
qualcomm	sm6650p_firmware	—	cpe:2.3:o:qualcomm:sm6650p_firmware:-:::::::*
qualcomm	sm7325p_firmware	—	cpe:2.3:o:qualcomm:sm7325p_firmware:-:::::::*
qualcomm	sm7635_firmware	—	cpe:2.3:o:qualcomm:sm7635_firmware:-:::::::*
qualcomm	sm7675_firmware	—	cpe:2.3:o:qualcomm:sm7675_firmware:-:::::::*
qualcomm	sm7675p_firmware	—	cpe:2.3:o:qualcomm:sm7675p_firmware:-:::::::*
qualcomm	sm8550p_firmware	—	cpe:2.3:o:qualcomm:sm8550p_firmware:-:::::::*
qualcomm	sm8635_firmware	—	cpe:2.3:o:qualcomm:sm8635_firmware:-:::::::*
qualcomm	sm8635p_firmware	—	cpe:2.3:o:qualcomm:sm8635p_firmware:-:::::::*
qualcomm	sm8650q_firmware	—	cpe:2.3:o:qualcomm:sm8650q_firmware:-:::::::*
qualcomm	snapdragon_4_gen_1_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_460_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware:-:::::::*
qualcomm	snapdragon_662_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_680_4g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware:-:::::::*
qualcomm	snapdragon_690_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_695_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_720g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_778g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware:-:::::::*
qualcomm	snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware:-:::::::*
qualcomm	snapdragon_7c\+_gen_3_compute_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:::::::*
qualcomm	snapdragon_8_gen_2_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8_gen_3_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8\+_gen_2_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8\+_gen_2_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_855_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware:-:::::::*
qualcomm	snapdragon_865_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware:-:::::::*
qualcomm	snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware:-:::::::*
qualcomm	snapdragon_888_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware:-:::::::*
qualcomm	snapdragon_ar1_gen_1_firmware	—	cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_firmware:-:::::::*
qualcomm	snapdragon_ar1_gen_1_platform_\"luna1\"_firmware	—	cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_\"luna1\"_firmware:-:::::::*
qualcomm	snapdragon_x55_5g_modem-rf_system_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:::::::*
qualcomm	sxr2230p_firmware	—	cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::*
qualcomm	sxr2250p_firmware	—	cpe:2.3:o:qualcomm:sxr2250p_firmware:-:::::::*
qualcomm	sxr2330p_firmware	—	cpe:2.3:o:qualcomm:sxr2330p_firmware:-:::::::*
qualcomm	wcd9395_firmware	—	cpe:2.3:o:qualcomm:wcd9395_firmware:-:::::::*
qualcomm	wcn3950_firmware	—	cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::*
qualcomm	wcn3988_firmware	—	cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::*
qualcomm	wcn6450_firmware	—	cpe:2.3:o:qualcomm:wcn6450_firmware:-:::::::*
qualcomm	wcn6650_firmware	—	cpe:2.3:o:qualcomm:wcn6650_firmware:-:::::::*
qualcomm	wcn6755_firmware	—	cpe:2.3:o:qualcomm:wcn6755_firmware:-:::::::*
qualcomm	wcn7861_firmware	—	cpe:2.3:o:qualcomm:wcn7861_firmware:-:::::::*
qualcomm	wcn7881_firmware	—	cpe:2.3:o:qualcomm:wcn7881_firmware:-:::::::*
qualcomm	wsa8810_firmware	—	cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*
qualcomm	wsa8815_firmware	—	cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*
qualcomm	wsa8830_firmware	—	cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8835_firmware	—	cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*
qualcomm	wsa8840_firmware	—	cpe:2.3:o:qualcomm:wsa8840_firmware:-:::::::*
qualcomm	wsa8845_firmware	—	cpe:2.3:o:qualcomm:wsa8845_firmware:-:::::::*
qualcomm	wsa8845h_firmware	—	cpe:2.3:o:qualcomm:wsa8845h_firmware:-:::::::*
qualcomm	wcd9341_firmware	—	cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::*
qualcomm	wcd9370_firmware	—	cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::*
qualcomm	wcd9375_firmware	—	cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::*
qualcomm	wcd9378_firmware	—	cpe:2.3:o:qualcomm:wcd9378_firmware:-:::::::*
qualcomm	wcd9380_firmware	—	cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9385_firmware	—	cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*
qualcomm	wcd9390_firmware	—	cpe:2.3:o:qualcomm:wcd9390_firmware:-:::::::*
qualcomm	wsa8832_firmware	—	cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::*

References for CVE-2025-21479

URL	Tags
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html	Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21479	US Government Resource

URL

CVE-2025-21479 | Incorrect Authorization in Graphics

CISA KEV Record for CVE-2025-21479

Exploit prediction scoring system (EPSS) score for CVE-2025-21479

Common vulnerability scoring system (CVSS) metrics for CVE-2025-21479

Weakness enumeration for CVE-2025-21479

Affected software / configurations for CVE-2025-21479

References for CVE-2025-21479