Detections
Analytics

Qualcomm FastConnect 7800 Multiple Vulnerabilities (June 2025)

high Nessus Plugin ID 275164

Language:

Synopsis

Qualcomm FastConnect 7800 chipset may be affected by multiple vulnerabilities.

Description

The version of Qualcomm FastConnect 7800 running on the remote host may be missing a vendor supplied patch. It is possible, therefore, that it is affected by multiple vulnerabilities, as follows:

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. (CVE-2025-21479)

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. (CVE-2025-21480)

Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. (CVE-2025-27038)

Note that Nessus has not tested for this issue.

Solution

See vendor advisory.

See Also

http://www.nessus.org/u?346ee104

http://www.nessus.org/u?e9408ffe

http://www.nessus.org/u?0b4df95f

http://www.nessus.org/u?9dd11a30

Plugin Details

Severity: High

ID: 275164

File Name: qualcomm_fastconnect_7800_june_2025.nasl

Version: 1.1

Type: local

Agent: windows

Family: Windows

Published: 11/12/2025

Updated: 11/12/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 10.0

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21479

CVSS v3

Risk Factor: High

Base Score: 8.6

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/h:qualcomm:fastconnect_7800

Patch Publication Date: 6/10/2025

Vulnerability Publication Date: 6/3/2025

CISA Known Exploited Vulnerability Due Dates: 6/24/2025

Reference Information

CVE: CVE-2025-21479, CVE-2025-21480, CVE-2025-27038