CVE-2025-27062 HIGH

CVE-2025-27062: Improper Access Control in Automotive Multimedia

Vendor Qualcomm, Inc.
Product Snapdragon
Weakness CWE-284
Published August 6, 2025
Last update August 6, 2025
View on NVD All CVEs

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Memory corruption while handling client exceptions, allowing unauthorized channel access.

Key dates

02Disclosure timeline

August 6, 2025 CVE published
August 6, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-25133 Openshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalation CVE-2024-39701 Directus Incorrectly handles _in` filter CVE-2024-0969 ARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST API CVE-2026-31874 Taskosaur Improper Role Assignment via Parameter Manipulation in User Registration CVE-2025-2686 mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access control