7.5
HIGH CVSS 3.1
CVE-2025-27029
Cisco Router Denial of Service
Description

Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

INFO

Published Date :

June 3, 2025, 6:15 a.m.

Last Modified :

Aug. 20, 2025, 8:25 p.m.

Remotely Exploit :

Yes !
Affected Products

The following products are affected by CVE-2025-27029 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Qualcomm wsa8830_firmware
2 Qualcomm wsa8835_firmware
3 Qualcomm ipq9008_firmware
4 Qualcomm ipq9574_firmware
5 Qualcomm qca8075_firmware
6 Qualcomm qca8081_firmware
7 Qualcomm qca8082_firmware
8 Qualcomm qca8084_firmware
9 Qualcomm qca8085_firmware
10 Qualcomm qca8386_firmware
11 Qualcomm qcn5124_firmware
12 Qualcomm qcn9000_firmware
13 Qualcomm qcn9012_firmware
14 Qualcomm qcn9024_firmware
15 Qualcomm qcn9074_firmware
16 Qualcomm qcn9274_firmware
17 Qualcomm wsa8832_firmware
18 Qualcomm fastconnect_7800_firmware
19 Qualcomm qca0000_firmware
20 Qualcomm immersive_home_3210_platform_firmware
21 Qualcomm immersive_home_326_platform_firmware
22 Qualcomm ipq9554_firmware
23 Qualcomm ipq9570_firmware
24 Qualcomm wcd9390_firmware
25 Qualcomm wcd9395_firmware
26 Qualcomm wsa8840_firmware
27 Qualcomm wsa8845_firmware
28 Qualcomm wsa8845h_firmware
29 Qualcomm ipq5332_firmware
30 Qualcomm qcf8001_firmware
31 Qualcomm wsa8830
32 Qualcomm wsa8835
33 Qualcomm qca8075
34 Qualcomm qca8081
35 Qualcomm qcn5124
36 Qualcomm qcn9000
37 Qualcomm qcn9074
38 Qualcomm qca0000
39 Qualcomm qcn9012
40 Qualcomm qcn9024
41 Qualcomm qcf8000_firmware
42 Qualcomm snapdragon_8_gen_3_mobile_platform_firmware
43 Qualcomm ipq5302_firmware
44 Qualcomm ipq5312_firmware
45 Qualcomm qcn6402_firmware
46 Qualcomm qcn6412_firmware
47 Qualcomm qcn6422_firmware
48 Qualcomm qcn6432_firmware
49 Qualcomm fastconnect_7800
50 Qualcomm wcd9390
51 Qualcomm wcd9395
52 Qualcomm wsa8832
53 Qualcomm wsa8840
54 Qualcomm wsa8845
55 Qualcomm wsa8845h
56 Qualcomm immersive_home_3210_platform
57 Qualcomm immersive_home_326_platform
58 Qualcomm ipq5332
59 Qualcomm ipq9008
60 Qualcomm ipq9554
61 Qualcomm ipq9570
62 Qualcomm ipq9574
63 Qualcomm qca8082
64 Qualcomm qca8084
65 Qualcomm qca8085
66 Qualcomm qca8386
67 Qualcomm qcf8000
68 Qualcomm qcf8001
69 Qualcomm qcn9274
70 Qualcomm snapdragon_8_gen_3_mobile_platform
71 Qualcomm ipq5302
72 Qualcomm ipq5312
73 Qualcomm qcn6402
74 Qualcomm qcn6412
75 Qualcomm qcn6422
76 Qualcomm qcn6432
77 Qualcomm ipq5300_firmware
78 Qualcomm ipq5300
79 Qualcomm sm8750_firmware
80 Qualcomm sm8750
81 Qualcomm wcn6755_firmware
82 Qualcomm wcn6755
83 Qualcomm qcn9160_firmware
84 Qualcomm qcn9160
85 Qualcomm qxm8083_firmware
86 Qualcomm qxm8083
87 Qualcomm wcd9378_firmware
88 Qualcomm wcd9378
89 Qualcomm wcn7880_firmware
90 Qualcomm wcn7880
91 Qualcomm wcn6650_firmware
92 Qualcomm wcn6650
93 Qualcomm wcn7881_firmware
94 Qualcomm wcn7881
95 Qualcomm wcn7861_firmware
96 Qualcomm wcn7861
97 Qualcomm wcn7860_firmware
98 Qualcomm wcn7860
99 Qualcomm sm8750p_firmware
100 Qualcomm sm8750p
101 Qualcomm ipq9048_firmware
102 Qualcomm ipq9048
103 Qualcomm sm6650_firmware
104 Qualcomm sm6650
105 Qualcomm sm7635_firmware
106 Qualcomm sm7635
107 Qualcomm wcn6450_firmware
108 Qualcomm wcn6450
109 Qualcomm sm8735_firmware
110 Qualcomm sm8735
111 Qualcomm qmp1000_firmware
112 Qualcomm qmp1000
113 Qualcomm wcn7750_firmware
114 Qualcomm wcn7750
115 Qualcomm sm6650p_firmware
116 Qualcomm sm6650p
117 Qualcomm ipq5424_firmware
118 Qualcomm ipq5424
119 Qualcomm qca8080_firmware
120 Qualcomm qca8080
121 Qualcomm qca8101_firmware
122 Qualcomm qca8101
123 Qualcomm qca8384_firmware
124 Qualcomm qca8384
125 Qualcomm qca8385_firmware
126 Qualcomm qca8385
127 Qualcomm qcn5224_firmware
128 Qualcomm qcn5224
129 Qualcomm qca8102_firmware
130 Qualcomm qca8102
131 Qualcomm qca8111_firmware
132 Qualcomm qca8111
133 Qualcomm qca8112_firmware
134 Qualcomm qca8112
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 HIGH [email protected]
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-27029.

URL Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-27029 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-27029 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-27029 vulnerability anywhere in the article.

  • Cyber Security News
Android Security Update – Patch for Vulnerabilities that Allows Privilege Escalation

Google has released a comprehensive security update for Android devices addressing multiple high-severity vulnerabilities that could allow privilege escalation and remote code execution. The update ta ... Read more

Published Date: Jun 03, 2025 (2 months, 3 weeks ago)

The following table lists the changes that have been made to the CVE-2025-27029 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Aug. 20, 2025

    Action Type Old Value New Value
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:immersive_home_3210_platform_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:immersive_home_3210_platform:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:immersive_home_326_platform_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:immersive_home_326_platform:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq5300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq5300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq5302_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq5302:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq5312_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq5312:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq5332_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq5332:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq5424_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq5424:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq9048_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq9048:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq9554_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq9554:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq9570_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq9570:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8080_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8080:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8101_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8101:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8102_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8102:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8111_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8112_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8112:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8384_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8384:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8385_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8385:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcf8000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcf8000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcf8001_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcf8001:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn5224_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn5224:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn6402_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn6402:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn6412_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn6412:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn6422_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn6422:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn6432_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn6432:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9160_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9160:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qmp1000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qxm8083_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qxm8083:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm6650p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm6650p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm8735_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm8735:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm8750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm8750p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7750_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*
    Added Reference Type Qualcomm, Inc.: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html Types: Vendor Advisory
  • New CVE Received by [email protected]

    Jun. 03, 2025

    Action Type Old Value New Value
    Added Description Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CWE CWE-126
    Added Reference https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 7.5
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact