CVE-2025-27073

Q: What is the severity of CVE-2025-27073?

CVE-2025-27073 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers to cause a Denial of Service (DoS) condition by exploiting a flaw in the Neighbor Discovery Protocol (NDP) instance creation process. It affects systems using Qualcomm chipsets with vulnerable NDP implementations. The attack can temporarily disrupt network connectivity on affected devices.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a Denial of Service (DoS) condition by exploiting a flaw in the Neighbor Discovery Protocol (NDP) instance creation process. It affects systems using Qualcomm chipsets with vulnerable NDP implementations. The attack can temporarily disrupt network connectivity on affected devices.

💻 Affected Systems

Products:

Qualcomm chipsets with NDP implementation

Versions: Specific versions not detailed in reference; check Qualcomm advisory for affected chipset models

Operating Systems: Android, Linux-based systems using Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with NDP enabled; mobile devices and IoT devices using Qualcomm chipsets are primary targets.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete network service disruption on affected devices, requiring reboot to restore functionality.

🟠

Likely Case

Temporary network connectivity loss or degradation on targeted devices.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring.

🌐 Internet-Facing: MEDIUM - Attackers could target exposed network interfaces, but requires specific network conditions.

🏢 Internal Only: LOW - Requires local network access and specific timing conditions.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires network access and specific timing during NDP instance creation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm August 2025 security bulletin for specific chipset firmware versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset models. 2. Obtain firmware update from device manufacturer. 3. Apply firmware update following manufacturer instructions. 4. Reboot device.

🔧 Temporary Workarounds

Disable NDP if not needed

linux

Turn off Neighbor Discovery Protocol if not required for network operations

sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1

Network segmentation

all

Isolate vulnerable devices in separate network segments

🧯 If You Can't Patch

Implement strict network access controls to limit exposure
Monitor network traffic for abnormal NDP patterns

🔍 How to Verify

Check if Vulnerable:

Check chipset model and firmware version against Qualcomm advisory

Check Version:

cat /proc/cpuinfo | grep -i qualcomm

Verify Fix Applied:

Verify firmware version matches patched version from Qualcomm bulletin

📡 Detection & Monitoring

Log Indicators:

Multiple NDP instance creation failures
Network interface resets
System logs showing NDP protocol errors

Network Indicators:

Abnormal NDP traffic patterns
Sudden network connectivity loss on specific devices

SIEM Query:

source="network_logs" AND (NDP OR neighbor_discovery) AND (error OR failure OR reset)

📊 Metadata

CVE ID: CVE-2025-27073

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

EPSS Score: 0.03% exploit probability (6.5th percentile)

Published: August 6, 2025

Last Updated: August 20, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Immersive Home 214 Platform Firmware by Qualcomm

Immersive Home 216 Platform Firmware by Qualcomm

Immersive Home 316 Platform Firmware by Qualcomm

Immersive Home 318 Platform Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Ipq9008 Firmware by Qualcomm

Ipq9554 Firmware by Qualcomm

Ipq9570 Firmware by Qualcomm

Ipq9574 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6777aq Firmware by Qualcomm

Qca6787aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8072 Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8082 Firmware by Qualcomm

Qca8084 Firmware by Qualcomm

Qca8085 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8386 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qcc2073 Firmware by Qualcomm

Qcc2076 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn5022 Firmware by Qualcomm

Qcn5024 Firmware by Qualcomm

Qcn5052 Firmware by Qualcomm

Qcn5054 Firmware by Qualcomm

Qcn5122 Firmware by Qualcomm

Qcn5124 Firmware by Qualcomm

Qcn5152 Firmware by Qualcomm

Qcn5154 Firmware by Qualcomm

Qcn5164 Firmware by Qualcomm

Qcn6023 Firmware by Qualcomm