CVE-2025-27053

Q: What is the severity of CVE-2025-27053?

CVE-2025-27053 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption in Qualcomm's PlayReady APP implementation when processing TA commands, potentially enabling arbitrary code execution. It affects devices with Qualcomm chipsets that use PlayReady DRM technology. Attackers could exploit this to compromise device security and gain elevated privileges.

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption in Qualcomm's PlayReady APP implementation when processing TA commands, potentially enabling arbitrary code execution. It affects devices with Qualcomm chipsets that use PlayReady DRM technology. Attackers could exploit this to compromise device security and gain elevated privileges.

💻 Affected Systems

Products:

Qualcomm chipsets with PlayReady APP implementation

Versions: Specific versions not detailed in reference; consult Qualcomm advisory for affected chipset versions

Operating Systems: Android, Windows, and other OS using Qualcomm PlayReady implementation

Default Config Vulnerable: ⚠️ Yes

Notes: Requires PlayReady APP usecase to be active; affects devices with Qualcomm Secure Execution Environment (QSEE) or similar trusted execution environments

📦 What is this software?

Snapdragon 7c Gen 2 Compute Platform \(sc7180 Ad\) \"rennell Pro\" Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c Gen 2 Compute Platform \(sc7180 Ad\) \"rennell Pro\" Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 3 Mobile Platform Firmware →

Snapdragon 820 Automotive Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 820 Automotive Platform Firmware →

Snapdragon 820 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 820 Mobile Platform Firmware →

Snapdragon 821 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 821 Mobile Platform Firmware →

Snapdragon 845 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 845 Mobile Platform Firmware →

Snapdragon 855 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 855 Mobile Platform Firmware →

Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 855\+\/860 Mobile Platform \(sm8150 Ac\) Firmware →

Snapdragon 865 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →

Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware →

Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware →

Snapdragon 888 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Platform Firmware →

Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware →

Snapdragon 8c Compute Platform \(sc8180x Ad\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8c Compute Platform \(sc8180x Ad\) Firmware →

Snapdragon 8c Compute Platform \(sc8180xp Ad\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8c Compute Platform \(sc8180xp Ad\) Firmware →

Snapdragon 8cx Compute Platform \(sc8180x Aa\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Compute Platform \(sc8180x Aa\) Firmware →

Snapdragon 8cx Compute Platform \(sc8180x Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Compute Platform \(sc8180x Ab\) Firmware →

Snapdragon 8cx Compute Platform \(sc8180xp Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Compute Platform \(sc8180xp Ac\) Firmware →

Snapdragon 8cx Compute Platform \(sc8180xp Af\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Compute Platform \(sc8180xp Af\) Firmware →

Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180x Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180x Ac\) Firmware →

Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180x Af\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180x Af\) Firmware →

Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180xp Aa\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180xp Aa\) Firmware →

Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180xp Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform \(sc8180xp Ab\) Firmware →

Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Ab\) Firmware →

Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Bb\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Bb\) Firmware →

Snapdragon Ar1 Gen 1 Platform \"luna1\" Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar1 Gen 1 Platform \"luna1\" Firmware →

Snapdragon Ar1 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar1 Gen 1 Platform Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 4g Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 4g Modem Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Snapdragon Wear 1300 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Wear 1300 Platform Firmware →

Snapdragon Wear 4100\+ Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Wear 4100\+ Platform Firmware →

Snapdragon X12 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X12 Lte Modem Firmware →

Snapdragon X24 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X24 Lte Modem Firmware →

Snapdragon X32 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X32 5g Modem Rf System Firmware →

Snapdragon X35 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X35 5g Modem Rf System Firmware →

Snapdragon X5 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X5 Lte Modem Firmware →

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X62 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X62 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon X72 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X72 5g Modem Rf System Firmware →

Snapdragon X75 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X75 5g Modem Rf System Firmware →

Snapdragon Xr1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr1 Platform Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Srv1h Firmware by Qualcomm

View all CVEs affecting Srv1h Firmware →

Srv1l Firmware by Qualcomm

View all CVEs affecting Srv1l Firmware →

Srv1m Firmware by Qualcomm

View all CVEs affecting Srv1m Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1120 Firmware by Qualcomm

View all CVEs affecting Sxr1120 Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Sxr2250p Firmware by Qualcomm

View all CVEs affecting Sxr2250p Firmware →

Sxr2330p Firmware by Qualcomm

View all CVEs affecting Sxr2330p Firmware →

Sxr2350p Firmware by Qualcomm

View all CVEs affecting Sxr2350p Firmware →

Talynplus Firmware by Qualcomm

View all CVEs affecting Talynplus Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Video Collaboration Vc5 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc5 Platform Firmware →

Vision Intelligence 100 Platform \(apq8053 Aa\) Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 100 Platform \(apq8053 Aa\) Firmware →

Vision Intelligence 200 Platform \(apq8053 Ac\) Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 200 Platform \(apq8053 Ac\) Firmware →

Vision Intelligence 300 Platform Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 300 Platform Firmware →

Vision Intelligence 400 Platform Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 400 Platform Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full device compromise with kernel-level code execution, allowing complete control over affected devices and potential data exfiltration.

🟠

Likely Case

Privilege escalation leading to unauthorized access to protected content or system resources, potentially bypassing DRM protections.

🟢

If Mitigated

Limited impact with proper memory protection mechanisms and sandboxing in place, potentially causing crashes but not code execution.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires access to process TA commands; likely requires local access or ability to trigger PlayReady operations

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm October 2025 security bulletin for specific chipset firmware versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset models. 2. Obtain firmware updates from device manufacturer. 3. Apply firmware update following manufacturer instructions. 4. Reboot device to activate fixes.

🔧 Temporary Workarounds

Disable PlayReady APP features

all

Temporarily disable PlayReady APP functionality if not required

Device-specific; consult manufacturer documentation

Restrict TA command processing

all

Limit access to trusted applications that can send TA commands

Configuration dependent on device management solutions

🧯 If You Can't Patch

Isolate affected devices from untrusted networks
Implement strict application whitelisting to prevent unauthorized PlayReady usage

🔍 How to Verify

Check if Vulnerable:

Check device chipset model and firmware version against Qualcomm advisory; use manufacturer-specific diagnostic tools

Check Version:

Device-specific (e.g., Android: getprop ro.bootloader; Windows: Device Manager chipset properties)

Verify Fix Applied:

Verify firmware version matches patched versions in Qualcomm bulletin; test PlayReady functionality

📡 Detection & Monitoring

Log Indicators:

Unexpected PlayReady process crashes
Memory access violations in trusted execution environment logs
Abnormal TA command sequences

Network Indicators:

Unusual DRM license requests
Suspicious communication with PlayReady services

SIEM Query:

Process:PlayReady AND (EventID:1000 OR ExceptionCode:c0000005)

📊 Metadata

CVE ID: CVE-2025-27053

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-131

EPSS Score: 0.02% exploit probability (5.2th percentile)

Published: October 9, 2025

Last Updated: November 5, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

215 Mobile Platform Firmware by Qualcomm

315 5g Iot Modem Firmware by Qualcomm

9205 Lte Modem Firmware by Qualcomm

9206 Lte Modem Firmware by Qualcomm

9207 Lte Modem Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8037 Firmware by Qualcomm

Apq8064au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

C V2x 9150 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Home Hub 100 Platform Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm9205s Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Mdm9640 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Pm8937 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6234 Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6698au Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8386 Firmware by Qualcomm

Qca8695au Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qca9379 Firmware by Qualcomm

Qcc2072 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcc711 Firmware by Qualcomm

Qcf8001 Firmware by Qualcomm

Qcm2150 Firmware by Qualcomm