CVE-2025-21479

Confirmed PUBLISHED

Incorrect Authorization in Graphics

Qualcomm, Inc. · Snapdragon

1 day faster than CISA KEV

Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.6 High EPSS 0.7%

At a Glance

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

cisa
CVE Published
Jun 03, 2025
Exploitation Reported
Jun 01, 2026
CVSS
8.6 High
EPSS
0.7%
Low complexity Unauthenticated

Affected Versions

75 version rows · page 1 of 3

Vendor Product Version Status
Qualcomm, Inc.
Snapdragon

AQT1000

Affected
Qualcomm, Inc.
Snapdragon

FastConnect 6200

Affected
Qualcomm, Inc.
Snapdragon

FastConnect 6700

Affected
Qualcomm, Inc.
Snapdragon

FastConnect 6800

Affected
Qualcomm, Inc.
Snapdragon

FastConnect 6900

Affected
Qualcomm, Inc.
Snapdragon

FastConnect 7800

Affected
Qualcomm, Inc.
Snapdragon

QCA6391

Affected
Qualcomm, Inc.
Snapdragon

QCM4490

Affected
Qualcomm, Inc.
Snapdragon

QCS4490

Affected
Qualcomm, Inc.
Snapdragon

SD855

Affected
Qualcomm, Inc.
Snapdragon

SM4635

Affected
Qualcomm, Inc.
Snapdragon

SM6250

Affected
Qualcomm, Inc.
Snapdragon

SM6650

Affected
Qualcomm, Inc.
Snapdragon

SM6650P

Affected
Qualcomm, Inc.
Snapdragon

SM7325P

Affected
Qualcomm, Inc.
Snapdragon

SM7635

Affected
Qualcomm, Inc.
Snapdragon

SM7675

Affected
Qualcomm, Inc.
Snapdragon

SM7675P

Affected
Qualcomm, Inc.
Snapdragon

SM8550P

Affected
Qualcomm, Inc.
Snapdragon

SM8635

Affected
Qualcomm, Inc.
Snapdragon

SM8635P

Affected
Qualcomm, Inc.
Snapdragon

SM8650Q

Affected
Qualcomm, Inc.
Snapdragon

Snapdragon 4 Gen 1 Mobile Platform

Affected
Qualcomm, Inc.
Snapdragon

Snapdragon 460 Mobile Platform

Affected
Qualcomm, Inc.
Snapdragon

Snapdragon 480 5G Mobile Platform

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.