CVE-2025-21429
📋 TL;DR
This vulnerability allows memory corruption during Wi-Fi connection establishment between a station (STA) and access point (AP) when initiating an ADD TS (Traffic Stream) request. Attackers could potentially execute arbitrary code or cause denial of service on affected devices. This affects Qualcomm chipsets used in mobile devices, IoT products, and networking equipment.
💻 Affected Systems
- Qualcomm chipsets with Wi-Fi capabilities
📦 What is this software?
Qualcomm 205 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Qualcomm 205 Mobile Platform Firmware →
Smart Audio 200 Platform Firmware by Qualcomm
Smart Audio 400 Platform Firmware by Qualcomm
Smart Display 200 Platform Firmware by Qualcomm
View all CVEs affecting Smart Display 200 Platform Firmware →
Snapdragon 1200 Wearable Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 1200 Wearable Platform Firmware →
Snapdragon 210 Processor Firmware by Qualcomm
Snapdragon 212 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 212 Mobile Platform Firmware →
Snapdragon 4 Gen 1 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 4 Gen 1 Mobile Platform Firmware →
Snapdragon 429 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 429 Mobile Platform Firmware →
Snapdragon 460 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 460 Mobile Platform Firmware →
Snapdragon 480 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →
Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware →
Snapdragon 625 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 625 Mobile Platform Firmware →
Snapdragon 626 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 626 Mobile Platform Firmware →
Snapdragon 660 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 660 Mobile Platform Firmware →
Snapdragon 662 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 662 Mobile Platform Firmware →
Snapdragon 670 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 670 Mobile Platform Firmware →
Snapdragon 675 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 675 Mobile Platform Firmware →
Snapdragon 678 Mobile Platform \(sm6150 Ac\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 678 Mobile Platform \(sm6150 Ac\) Firmware →
Snapdragon 680 4g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 680 4g Mobile Platform Firmware →
Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware →
Snapdragon 695 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 695 5g Mobile Platform Firmware →
Snapdragon 710 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 710 Mobile Platform Firmware →
Snapdragon 720g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 720g Mobile Platform Firmware →
Snapdragon 730 Mobile Platform \(sm7150 Aa\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 730 Mobile Platform \(sm7150 Aa\) Firmware →
Snapdragon 730g Mobile Platform \(sm7150 Ab\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 730g Mobile Platform \(sm7150 Ab\) Firmware →
Snapdragon 732g Mobile Platform \(sm7150 Ac\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 732g Mobile Platform \(sm7150 Ac\) Firmware →
Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →
Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8 Gen 3 Mobile Platform Firmware →
Snapdragon 820 Automotive Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 820 Automotive Platform Firmware →
Snapdragon 855 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 855 Mobile Platform Firmware →
Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware →
Snapdragon 865 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →
Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware →
Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware →
Snapdragon Auto 4g Modem Firmware by Qualcomm
Snapdragon Auto 5g Modem Rf Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →
Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →
Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →
Snapdragon X24 Lte Modem Firmware by Qualcomm
Snapdragon X5 Lte Modem Firmware by Qualcomm
Snapdragon X50 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →
Snapdragon X55 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →
Snapdragon X62 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X62 5g Modem Rf System Firmware →
Snapdragon X65 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →
Snapdragon Xr1 Platform Firmware by Qualcomm
Snapdragon Xr2 5g Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →
Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →
Video Collaboration Vc1 Platform Firmware by Qualcomm
View all CVEs affecting Video Collaboration Vc1 Platform Firmware →
Video Collaboration Vc3 Platform Firmware by Qualcomm
View all CVEs affecting Video Collaboration Vc3 Platform Firmware →
Vision Intelligence 100 Platform \(apq8053 Aa\) Firmware by Qualcomm
View all CVEs affecting Vision Intelligence 100 Platform \(apq8053 Aa\) Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation
Likely Case
Denial of service causing Wi-Fi connectivity disruption or device crashes requiring reboot
If Mitigated
Limited impact with proper network segmentation and updated firmware
🎯 Exploit Status
Exploitation requires proximity to target device and knowledge of Wi-Fi protocol manipulation
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Qualcomm April 2025 security bulletin for specific firmware versions
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html
Restart Required: Yes
Instructions:
1. Check device manufacturer for firmware updates 2. Apply Qualcomm-provided patches 3. Reboot device 4. Verify Wi-Fi functionality
🔧 Temporary Workarounds
Disable Wi-Fi when not needed
linuxTurn off Wi-Fi radio to prevent connection attempts
nmcli radio wifi off
ip link set wlan0 down
Use wired connections
allPrefer Ethernet over Wi-Fi for critical systems
🧯 If You Can't Patch
- Segment Wi-Fi networks to limit attack surface
- Implement network monitoring for abnormal Wi-Fi connection patterns
🔍 How to Verify
Check if Vulnerable:
Check device chipset model and firmware version against Qualcomm advisoryCheck Version:
cat /sys/class/net/wlan0/device/uevent | grep DRIVER_VERSIONVerify Fix Applied:
Verify firmware version matches patched version from manufacturer📡 Detection & Monitoring
Log Indicators:
- Multiple failed Wi-Fi connection attempts
- Kernel panics or crashes during Wi-Fi association
- Unexpected driver reloads
Network Indicators:
- Abnormal ADD TS request patterns
- Malformed 802.11 management frames
SIEM Query:
source="wifi_logs" AND (event="connection_failed" OR event="driver_crash")