Login Sign Up

CVE-2025-21485

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption through improper handling of INIT and multimode invoke IOCTL calls in FastRPC. Attackers could potentially execute arbitrary code or cause denial of service. This affects devices using Qualcomm chipsets with vulnerable FastRPC implementations.

💻 Affected Systems

Products:
  • Qualcomm chipsets with FastRPC functionality
Versions: Specific versions not detailed in reference; check Qualcomm advisory
Operating Systems: Android, Linux-based systems using Qualcomm chips
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where FastRPC is enabled and accessible to untrusted applications

📦 What is this software?

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fastconnect 7800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 7800 Firmware →

Qmp1000 Firmware by Qualcomm

View all CVEs affecting Qmp1000 Firmware →

Sm8735 Firmware by Qualcomm

View all CVEs affecting Sm8735 Firmware →

Sm8750 Firmware by Qualcomm

View all CVEs affecting Sm8750 Firmware →

Sm8750p Firmware by Qualcomm

View all CVEs affecting Sm8750p Firmware →

Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 3 Mobile Platform Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Sxr2250p Firmware by Qualcomm

View all CVEs affecting Sxr2250p Firmware →

Sxr2330p Firmware by Qualcomm

View all CVEs affecting Sxr2330p Firmware →

Wcd9378 Firmware by Qualcomm

View all CVEs affecting Wcd9378 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcd9390 Firmware by Qualcomm

View all CVEs affecting Wcd9390 Firmware →

Wcd9395 Firmware by Qualcomm

View all CVEs affecting Wcd9395 Firmware →

Wcn7750 Firmware by Qualcomm

View all CVEs affecting Wcn7750 Firmware →

Wcn7860 Firmware by Qualcomm

View all CVEs affecting Wcn7860 Firmware →

Wcn7861 Firmware by Qualcomm

View all CVEs affecting Wcn7861 Firmware →

Wcn7880 Firmware by Qualcomm

View all CVEs affecting Wcn7880 Firmware →

Wcn7881 Firmware by Qualcomm

View all CVEs affecting Wcn7881 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

Wsa8840 Firmware by Qualcomm

View all CVEs affecting Wsa8840 Firmware →

Wsa8845 Firmware by Qualcomm

View all CVEs affecting Wsa8845 Firmware →

Wsa8845h Firmware by Qualcomm

View all CVEs affecting Wsa8845h Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete system compromise

🟠

Likely Case

Local privilege escalation or denial of service affecting device stability

🟢

If Mitigated

Limited impact with proper access controls and isolation mechanisms in place

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access or ability to execute code in context with FastRPC access

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm June 2025 security bulletin for specific versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset versions. 2. Obtain firmware/software updates from device manufacturer. 3. Apply patches following manufacturer instructions. 4. Reboot device to activate fixes.

🔧 Temporary Workarounds

Restrict FastRPC access

linux

Limit which applications/services can access FastRPC functionality

# Review and modify SELinux/AppArmor policies for FastRPC
# Check /dev/fastrpc permissions and restrict as needed

🧯 If You Can't Patch

  • Implement strict application sandboxing to limit FastRPC access
  • Monitor for abnormal FastRPC usage patterns and privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check chipset version and compare against Qualcomm advisory; examine FastRPC module version if accessible

Check Version:

# For Android: getprop ro.boot.hardware.sku
# Check device-specific commands for chipset version

Verify Fix Applied:

Verify firmware/software version matches patched versions in Qualcomm bulletin

📡 Detection & Monitoring

Log Indicators:

  • Unusual FastRPC IOCTL calls
  • Kernel panic or crash logs related to FastRPC
  • Privilege escalation attempts

Network Indicators:

  • Not typically network-exploitable; focus on local system indicators

SIEM Query:

source="kernel" AND ("fastrpc" OR "CVE-2025-21485")

📊 Metadata

CVE ID: CVE-2025-21485
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-367
EPSS Score: 0.01% exploit probability (2.5th percentile)
Published: June 3, 2025
Last Updated: August 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-21485, you might also want to check these:

CVE-2026-25641 10.0

CVE-2026-25641 is a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attack...

Same vulnerability type (CWE-367)
CVE-2025-64180 10.0

A critical TOCTOU vulnerability in Manager accounting software allows attackers to bypass DNS valida...

Same vulnerability type (CWE-367)
CVE-2025-13032 9.9

A double fetch vulnerability in the sandbox kernel driver of Avast/AVG Antivirus on Windows allows l...

Same vulnerability type (CWE-367)