CVE-2025-27066 [High] | Denial of Service in 315 5g Iot Modem Firmware

CVE-2025-27066 is rated Moderate Risk (43.4/100): CVSS High severity, with low exploitation likelihood (EPSS 0.17%). Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-02	0.02%	0.17%	+0.15%
2	2026-01-01	0.05%	0.02%	-0.03%
3	2025-08-12	—	0.05%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-02

0.02%

0.17%

+0.15%

2026-01-01

0.05%

0.02%

-0.03%

2025-08-12

—

0.05%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	3.1	HIGH	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:N) Could be attacked over the internet or any normal routed network—not just someone sitting at the machine. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	3.9	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.5

3.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:N): Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

3.9

3.6

[email protected]

Affected software / configurations for CVE-2025-27066

Vendor	Product	Version	Raw CPE
qualcomm	315_5g_iot_modem_firmware	—	cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:::::::*
qualcomm	aqt1000_firmware	—	cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::*
qualcomm	ar8031_firmware	—	cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::*
qualcomm	ar8035_firmware	—	cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::*
qualcomm	ar9380_firmware	—	cpe:2.3:o:qualcomm:ar9380_firmware:-:::::::*
qualcomm	qcn5021_firmware	—	cpe:2.3:o:qualcomm:qcn5021_firmware:-:::::::*
qualcomm	qcn5022_firmware	—	cpe:2.3:o:qualcomm:qcn5022_firmware:-:::::::*
qualcomm	qcn5024_firmware	—	cpe:2.3:o:qualcomm:qcn5024_firmware:-:::::::*
qualcomm	qcn5052_firmware	—	cpe:2.3:o:qualcomm:qcn5052_firmware:-:::::::*
qualcomm	qcn5054_firmware	—	cpe:2.3:o:qualcomm:qcn5054_firmware:-:::::::*
qualcomm	qcn5122_firmware	—	cpe:2.3:o:qualcomm:qcn5122_firmware:-:::::::*
qualcomm	qcn5124_firmware	—	cpe:2.3:o:qualcomm:qcn5124_firmware:-:::::::*
qualcomm	qcn5152_firmware	—	cpe:2.3:o:qualcomm:qcn5152_firmware:-:::::::*
qualcomm	qcn5154_firmware	—	cpe:2.3:o:qualcomm:qcn5154_firmware:-:::::::*
qualcomm	qcn5164_firmware	—	cpe:2.3:o:qualcomm:qcn5164_firmware:-:::::::*
qualcomm	qcn6023_firmware	—	cpe:2.3:o:qualcomm:qcn6023_firmware:-:::::::*
qualcomm	qcn6024_firmware	—	cpe:2.3:o:qualcomm:qcn6024_firmware:-:::::::*
qualcomm	qcn6100_firmware	—	cpe:2.3:o:qualcomm:qcn6100_firmware:-:::::::*
qualcomm	qcn6102_firmware	—	cpe:2.3:o:qualcomm:qcn6102_firmware:-:::::::*
qualcomm	qcn6112_firmware	—	cpe:2.3:o:qualcomm:qcn6112_firmware:-:::::::*
qualcomm	qcn6122_firmware	—	cpe:2.3:o:qualcomm:qcn6122_firmware:-:::::::*
qualcomm	qcn6132_firmware	—	cpe:2.3:o:qualcomm:qcn6132_firmware:-:::::::*
qualcomm	qcn6224_firmware	—	cpe:2.3:o:qualcomm:qcn6224_firmware:-:::::::*
qualcomm	qcn6274_firmware	—	cpe:2.3:o:qualcomm:qcn6274_firmware:-:::::::*
qualcomm	qcn7605_firmware	—	cpe:2.3:o:qualcomm:qcn7605_firmware:-:::::::*
qualcomm	qcn7606_firmware	—	cpe:2.3:o:qualcomm:qcn7606_firmware:-:::::::*
qualcomm	qcn9000_firmware	—	cpe:2.3:o:qualcomm:qcn9000_firmware:-:::::::*
qualcomm	qcn9001_firmware	—	cpe:2.3:o:qualcomm:qcn9001_firmware:-:::::::*
qualcomm	qcn9002_firmware	—	cpe:2.3:o:qualcomm:qcn9002_firmware:-:::::::*
qualcomm	qcn9003_firmware	—	cpe:2.3:o:qualcomm:qcn9003_firmware:-:::::::*
qualcomm	qcn9011_firmware	—	cpe:2.3:o:qualcomm:qcn9011_firmware:-:::::::*
qualcomm	qcn9012_firmware	—	cpe:2.3:o:qualcomm:qcn9012_firmware:-:::::::*
qualcomm	qcn9022_firmware	—	cpe:2.3:o:qualcomm:qcn9022_firmware:-:::::::*
qualcomm	qcn9024_firmware	—	cpe:2.3:o:qualcomm:qcn9024_firmware:-:::::::*
qualcomm	qcn9070_firmware	—	cpe:2.3:o:qualcomm:qcn9070_firmware:-:::::::*
qualcomm	qcn9072_firmware	—	cpe:2.3:o:qualcomm:qcn9072_firmware:-:::::::*
qualcomm	qcn9074_firmware	—	cpe:2.3:o:qualcomm:qcn9074_firmware:-:::::::*
qualcomm	qcn9100_firmware	—	cpe:2.3:o:qualcomm:qcn9100_firmware:-:::::::*
qualcomm	qcn9274_firmware	—	cpe:2.3:o:qualcomm:qcn9274_firmware:-:::::::*
qualcomm	qcs2290_firmware	—	cpe:2.3:o:qualcomm:qcs2290_firmware:-:::::::*
qualcomm	qcs410_firmware	—	cpe:2.3:o:qualcomm:qcs410_firmware:-:::::::*
qualcomm	qcs4290_firmware	—	cpe:2.3:o:qualcomm:qcs4290_firmware:-:::::::*
qualcomm	qcs4490_firmware	—	cpe:2.3:o:qualcomm:qcs4490_firmware:-:::::::*
qualcomm	qcs5430_firmware	—	cpe:2.3:o:qualcomm:qcs5430_firmware:-:::::::*
qualcomm	qcs610_firmware	—	cpe:2.3:o:qualcomm:qcs610_firmware:-:::::::*
qualcomm	snapdragon_4_gen_1_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_4_gen_2_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_460_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware:-:::::::*
qualcomm	snapdragon_660_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_662_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_665_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_670_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_675_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_678_mobile_platform_\(sm6150-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_\(sm6150-ac\)_firmware:-:::::::*
qualcomm	snapdragon_680_4g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware:-:::::::*
qualcomm	snapdragon_690_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_695_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_710_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_712_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_720g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_730_mobile_platform_\(sm7150-aa\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform_\(sm7150-aa\)_firmware:-:::::::*
qualcomm	snapdragon_730g_mobile_platform_\(sm7150-ab\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_\(sm7150-ab\)_firmware:-:::::::*
qualcomm	snapdragon_732g_mobile_platform_\(sm7150-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_\(sm7150-ac\)_firmware:-:::::::*
qualcomm	snapdragon_750g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmware:-:::::::*
qualcomm	snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmware:-:::::::*
qualcomm	snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmware:-:::::::*
qualcomm	snapdragon_778g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware:-:::::::*
qualcomm	snapdragon_780g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware:-:::::::*
qualcomm	snapdragon_7c_compute_platform_\(sc7180-ac\)_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform_\(sc7180-ac\)_firmware:-:::::::*
qualcomm	snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmware:-:::::::*
qualcomm	snapdragon_7c\+_gen_3_compute_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:::::::*
qualcomm	snapdragon_8_gen_1_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8_gen_2_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8_gen_3_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:::::::*

References for CVE-2025-27066

URL	Tags
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html	Vendor Advisory

URL

CVE-2025-27066 | Reachable Assertion in WLAN Firmware

Exploit prediction scoring system (EPSS) score for CVE-2025-27066

Common vulnerability scoring system (CVSS) metrics for CVE-2025-27066

Weakness enumeration for CVE-2025-27066

Affected software / configurations for CVE-2025-27066

References for CVE-2025-27066