CVE-2025-21452

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a denial-of-service (DoS) condition on LTE networks by sending specially crafted random-access response (RAR) messages with invalid PDU lengths. It affects mobile network infrastructure equipment and devices using Qualcomm LTE modems/chipsets. The attack disrupts network availability but doesn't compromise data confidentiality or integrity.

💻 Affected Systems

Products:

• Qualcomm LTE modems
• Mobile devices with Qualcomm chipsets
• LTE network infrastructure equipment

Versions: Specific versions not publicly detailed; refer to Qualcomm August 2025 security bulletin

Operating Systems: Embedded/baseband OS on affected chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems processing LTE RAR messages; exact product list requires checking Qualcomm's advisory.

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

View all CVEs affecting 315 5g Iot Modem Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Fastconnect 6200 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6200 Firmware →

Fastconnect 6700 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6700 Firmware →

Fastconnect 6800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6800 Firmware →

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fsm10055 Firmware by Qualcomm

View all CVEs affecting Fsm10055 Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qcm5430 Firmware by Qualcomm

View all CVEs affecting Qcm5430 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcs5430 Firmware by Qualcomm

View all CVEs affecting Qcs5430 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qep8111 Firmware by Qualcomm

View all CVEs affecting Qep8111 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sdx57m Firmware by Qualcomm

View all CVEs affecting Sdx57m Firmware →

Sm6370 Firmware by Qualcomm

View all CVEs affecting Sm6370 Firmware →

Sm6650 Firmware by Qualcomm

View all CVEs affecting Sm6650 Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm7635 Firmware by Qualcomm

View all CVEs affecting Sm7635 Firmware →

Snapdragon 4 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 1 Mobile Platform Firmware →

Snapdragon 480 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →

Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware →

Snapdragon 690 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 690 5g Mobile Platform Firmware →

Snapdragon 695 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 695 5g Mobile Platform Firmware →

Snapdragon 765 5g Mobile Platform \(sm7250 Aa\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 765 5g Mobile Platform \(sm7250 Aa\) Firmware →

Snapdragon 765g 5g Mobile Platform \(sm7250 Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 765g 5g Mobile Platform \(sm7250 Ab\) Firmware →

Snapdragon 768g 5g Mobile Platform \(sm7250 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 768g 5g Mobile Platform \(sm7250 Ac\) Firmware →

Snapdragon 778g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Platform Firmware →

Snapdragon 778g\+ 5g Mobile Platform \(sm7325 Ae\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g\+ 5g Mobile Platform \(sm7325 Ae\) Firmware →

Snapdragon 780g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 780g 5g Mobile Platform Firmware →

Snapdragon 782g Mobile Platform \(sm7325 Af\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 782g Mobile Platform \(sm7325 Af\) Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 855 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 855 Mobile Platform Firmware →

Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware →

Snapdragon 865 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →

Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware →

Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware →

Snapdragon 888 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Platform Firmware →

Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon X35 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X35 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9378 Firmware by Qualcomm

View all CVEs affecting Wcd9378 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcd9395 Firmware by Qualcomm

View all CVEs affecting Wcd9395 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn6450 Firmware by Qualcomm

View all CVEs affecting Wcn6450 Firmware →

Wcn6650 Firmware by Qualcomm

View all CVEs affecting Wcn6650 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6755 Firmware by Qualcomm

View all CVEs affecting Wcn6755 Firmware →

Wcn7861 Firmware by Qualcomm

View all CVEs affecting Wcn7861 Firmware →

Wcn7881 Firmware by Qualcomm

View all CVEs affecting Wcn7881 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained DoS affecting multiple base stations or network segments, disrupting mobile service for large geographic areas.

🟠

Likely Case

Temporary service disruption affecting individual cells or devices, causing dropped connections and degraded network performance.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring; isolated incidents quickly detected and contained.

🌐 Internet-Facing: MEDIUM - LTE networks are accessible via radio interface, but exploitation requires specialized equipment and proximity.

🏢 Internal Only: LOW - This is primarily a radio interface vulnerability, not typically exploitable from internal corporate networks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires LTE protocol knowledge and radio transmission capability; no authentication needed as it targets network signaling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm August 2025 security bulletin for specific firmware versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected products. 2. Obtain updated firmware from device manufacturer or carrier. 3. Apply firmware update following vendor instructions. 4. Reboot affected devices/systems.

🔧 Temporary Workarounds

Network monitoring and filtering

all

Implement network monitoring to detect anomalous RAR traffic and filter suspicious messages

🧯 If You Can't Patch

• Implement network segmentation to limit blast radius of DoS attacks
• Deploy redundant systems with failover capabilities to maintain service during attacks

🔍 How to Verify

Check if Vulnerable:

Copy

Check device firmware version against Qualcomm's patched versions list in the August 2025 bulletin

Check Version:

Copy

Device-specific; typically via AT commands or device management interfaces (e.g., AT+CGMR for modems)

Verify Fix Applied:

Copy

Verify firmware version matches or exceeds patched version specified by Qualcomm

📡 Detection & Monitoring

Log Indicators:

• Unexpected baseband resets
• Increased RAR processing errors
• Abnormal LTE signaling messages

Network Indicators:

• Spike in RAR messages with unusual lengths
• Increased radio link failures
• Abnormal cell reselection patterns

SIEM Query:

Copy

Example: 'source="lte_logs" AND (message="RAR length error" OR message="PDU validation failed")'

📊 Metadata

CVE ID: CVE-2025-21452

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

EPSS Score: 0.02% exploit probability (5.2th percentile)

Published: August 6, 2025

Last Updated: August 20, 2025

🔗 References

• https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-21452, you might also want to check these:

CVE-2023-37015 8.6

This vulnerability allows remote attackers to cause denial of service by sending malformed ASN.1 pac...

Same vulnerability type (CWE-617)

CVE-2023-37016 8.6

CVE-2023-37016 is a remotely triggerable assertion vulnerability in Open5GS MME that allows denial o...

Same vulnerability type (CWE-617)

CVE-2023-37017 8.6

Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion via malformed ASN.1 packet...

Same vulnerability type (CWE-617)