Memory corruption while selecting the PLMN from SOR failed list.
The error classified as CWE-129 (improper array index validation) occurs during PLMN network selection from the SOR (Steering of Roaming) error list. Improper index validation can lead to writing or reading outside buffer boundaries, resulting in memory corruption. A network attack vector (AV:N) without requiring privileges or user interaction means that the exploit can be remotely triggered by malicious network infrastructure from an operator or a fake base station.
An attacker can cause memory corruption on the device, potentially gaining the ability to execute arbitrary code (RCE) or destabilizing device operation. Confidentiality, integrity, and availability of the system are threatened to the highest degree.
Patches available from the manufacturer should be applied according to references — details in the Qualcomm security bulletin for September 2025: https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html
Qualcomm Snapdragon 765G 5G Mobile Platform (SM7250-AB) Firmware, Qualcomm QCA6574A Firmware, Qualcomm Snapdragon X75 5G Modem-RF System Firmware, Qualcomm WCD9375 Firmware, Qualcomm 315 5G IoT Modem Firmware — versions specified in manufacturer references
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HQualcomm 315 5g Iot Modem
HWQualcommwszystkie wersjeQualcomm 315 5g Iot Modem Firmware
OSQualcommwszystkie wersjeQualcomm Ar8035
HWQualcommwszystkie wersjeQualcomm Ar8035 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 6200
HWQualcommwszystkie wersjeQualcomm Fastconnect 6200 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 6700
HWQualcommwszystkie wersjeQualcomm Fastconnect 6700 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 6800
HWQualcommwszystkie wersjeQualcomm Fastconnect 6800 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 6900
HWQualcommwszystkie wersjeQualcomm Fastconnect 6900 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 7800
HWQualcommwszystkie wersjeQualcomm Fastconnect 7800 Firmware
OSQualcommwszystkie wersjeQualcomm Qca6174a
HWQualcommwszystkie wersjeQualcomm Qca6174a Firmware
OSQualcommwszystkie wersjeQualcomm Qca6391
HWQualcommwszystkie wersjeQualcomm Qca6391 Firmware
OSQualcommwszystkie wersjeQualcomm Qca6574a
HWQualcommwszystkie wersjeQualcomm Qca6574a Firmware
OSQualcommwszystkie wersjeQualcomm Qca6584au
HWQualcommwszystkie wersjeQualcomm Qca6584au Firmware
OSQualcommwszystkie wersjeQualcomm Qca6595au
HWQualcommwszystkie wersjeQualcomm Qca6595au Firmware
OSQualcommwszystkie wersjeQualcomm Qca6696
HWQualcommwszystkie wersjeQualcomm Qca6696 Firmware
OSQualcommwszystkie wersjeQualcomm Qca6698aq
HWQualcommwszystkie wersjeQualcomm Qca6698aq Firmware
OSQualcommwszystkie wersjeQualcomm Qca8081
HWQualcommwszystkie wersjeQualcomm Qca8081 Firmware
OSQualcommwszystkie wersje
Related vulnerabilities
Qualcomm: Memory Corruption przy ładowaniu uszkodzonego obrazu ELF
Memory corruption w Qualcomm podczas składania pakietów RTP (NALUs)
Qualcomm: podatność kryptograficzna umożliwiająca Auth Bypass podczas pobierania
Qualcomm: Uszkodzenie pamięci przy parsowaniu ML IE w firmware
Qualcomm Snapdragon – memory corruption przy przekierowaniu pliku logów