CVE Reports

Posted on • Originally published at cvereports.com

CVE-2025-21423: An Array of Problems: Pwning Qualcomm Snapdragon via a Test Mode Backdoor

Vulnerability ID: CVE-2025-21423
CVSS Score: 7.8
Published: 2025-04-07

CVE-2025-21423 is a classic memory corruption flaw across a wide range of Qualcomm Snapdragon products, from mobile phones to compute platforms. The vulnerability lies in the handling of 'Escape calls' to an EnableTestMode function, a feature likely intended for internal diagnostics. A local attacker with low privileges can supply an out-of-range array index that the driver uses without validating it, triggering an out-of-bounds write. This textbook error (CWE-129, Improper Validation of Array Index) yields memory corruption that can be leveraged into a full system compromise, including privilege escalation and arbitrary code execution; in practice, that is what turns a seemingly harmless app into a spyware implant.
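To make the CWE-129 pattern concrete, here is an added, self-contained C demo of an escape-call handler that trusts a caller-supplied index, a "fix" that still lets negative indices through, and a correct bounds check. This is illustrative code written for this page; it is not Qualcomm's driver, and the struct layout, the table size (NUM_TEST_MODES), the request format and the function names are all assumptions. The canary slot is part of the demo so the one-past-the-end write stays well-defined C and can be observed reliably.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative driver state (assumption, not Qualcomm's layout): a fixed-size
 * table of per-slot test-mode settings. storage[0..NUM_TEST_MODES-1] is the
 * real table; storage[NUM_TEST_MODES] is a canary standing in for whatever
 * happens to sit after the table in memory. Keeping both in one array makes
 * the one-past-the-end overwrite well-defined C, so the demo is reproducible. */
#define NUM_TEST_MODES 8
#define CANARY 0xCAFEBABEu

struct test_mode_state {
    uint32_t storage[NUM_TEST_MODES + 1];
};

/* Constructed escape-call request, as an unprivileged app might hand the
 * driver through an ioctl. Both fields are attacker-controlled. */
struct escape_req {
    int32_t  index;
    uint32_t value;
};

typedef int (*escape_handler_t)(struct test_mode_state *, const struct escape_req *);

/* VULNERABLE (CWE-129): the caller's index is used with no validation. Any
 * index >= NUM_TEST_MODES, or any negative index, writes outside the table. */
int enable_test_mode_vuln(struct test_mode_state *st, const struct escape_req *req)
{
    st->storage[req->index] = req->value;
    return 0;
}

/* STILL VULNERABLE: a bounds check that compares a signed index. It rejects
 * 8, 9, ... but a negative index such as -1 passes and writes before the
 * table. (The demo never calls this with a negative index: that write is
 * undefined behaviour and may crash the process.) */
int enable_test_mode_signed_check(struct test_mode_state *st, const struct escape_req *req)
{
    if (req->index >= NUM_TEST_MODES)
        return -EINVAL;
    st->storage[req->index] = req->value;
    return 0;
}

/* FIXED: compare as unsigned, so negative values become huge and fail the
 * same single test as out-of-range positive values. */
int enable_test_mode_fixed(struct test_mode_state *st, const struct escape_req *req)
{
    if ((uint32_t)req->index >= (uint32_t)NUM_TEST_MODES)
        return -EINVAL;
    st->storage[req->index] = req->value;
    return 0;
}

/* Run one escape call against a fresh state with the canary armed and report
 * the handler's return code plus whether the canary survived. */
struct demo_result {
    int rc;
    int canary_intact;
};

struct demo_result run_escape(escape_handler_t handler, int32_t index)
{
    struct test_mode_state st;
    struct escape_req req = { .index = index, .value = 0x41414141u };
    struct demo_result r;

    memset(&st, 0, sizeof st);
    st.storage[NUM_TEST_MODES] = CANARY;
    r.rc = handler(&st, &req);
    r.canary_intact = (st.storage[NUM_TEST_MODES] == CANARY);
    return r;
}

int main(void)
{
    struct demo_result in_bounds = run_escape(enable_test_mode_vuln, 3);
    struct demo_result pwned     = run_escape(enable_test_mode_vuln, NUM_TEST_MODES);
    struct demo_result fixed_hi  = run_escape(enable_test_mode_fixed, NUM_TEST_MODES);
    struct demo_result fixed_neg = run_escape(enable_test_mode_fixed, -1);

    printf("vuln, index 3:       rc=%d canary_intact=%d\n", in_bounds.rc, in_bounds.canary_intact);
    printf("vuln, index %d:       rc=%d canary_intact=%d\n", NUM_TEST_MODES, pwned.rc, pwned.canary_intact);
    printf("fixed, index %d:      rc=%d canary_intact=%d\n", NUM_TEST_MODES, fixed_hi.rc, fixed_hi.canary_intact);
    printf("fixed, index -1:     rc=%d canary_intact=%d\n", fixed_neg.rc, fixed_neg.canary_intact);
    return 0;
}
```

Build and run with "cc -Wall demo.c && ./a.out". The vulnerable handler accepts index 8 and clobbers the canary, while the fixed handler returns -EINVAL for both 8 and -1 and leaves it untouched. Two practitioner notes: the signed-compare variant is the shape a rushed patch often takes, so when reviewing a fix for a CWE-129 bug, check the negative case and not just the upper bound; and in real Linux kernel code the validated index should also pass through array_index_nospec() so the lookup cannot be used as a speculative-execution (Spectre v1) gadget.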

TL;DR

A classic out-of-bounds write in a Qualcomm driver function (EnableTestMode) lets a local, low-privileged attacker corrupt kernel memory, which can be exploited for full privilege escalation. The attack vector is a malicious app running on the device. If your device is on the affected list and unpatched, you're in for a bad time.


⚠️ Exploit Status: PoC

Technical Details

  • CWE ID: CWE-129
  • CWE Name: Improper Validation of Array Index
  • Attack Vector: Local (AV:L)
  • Privileges Required: Low (PR:L)
  • CVSS v3.1 Score: 7.8 (High)
  • EPSS Score: 0.025% (Very Low Probability of Exploitation)
  • Impact: Privilege Escalation, Arbitrary Code Execution, Denial of Service
  • Exploit Status: PoC
  • KEV Status: Not Listed

Affected Systems

  • Qualcomm Snapdragon Mobile Platforms
  • Qualcomm Snapdragon Compute Platforms
  • Qualcomm FastConnect Wi-Fi/Bluetooth Subsystems
  • Qualcomm Audio Codecs (WCD/WSA series)
  • A wide range of Android smartphones, tablets, and Windows-on-ARM laptops built on the platforms above.
  • Snapdragon 8cx Gen 3 Compute Platform: SC8280XP-AB, BB
  • Snapdragon 7c+ Gen 3 Compute: All
  • FastConnect 7800: All
  • QCM6490: All

Mitigation Strategies

  • The only effective mitigation is to apply the security patches provided by the device manufacturer.
  • Avoid installing applications from untrusted sources: a malicious app on the device is the delivery vector for a local vulnerability like this one.
  • Use a mobile device management (MDM) solution to enforce patch levels across a fleet and to flag anomalous application behavior.

Remediation Steps:

  1. Check for and install the latest system updates on your device. The fix for CVE-2025-21423 reaches devices through the manufacturer's regular security updates, so a device that has not been updated since the April 2025 bulletin should be assumed exposed. On Android, the current security patch level is shown under Settings > About phone, or via adb shell getprop ro.build.version.security_patch.
  2. Consult your device manufacturer's security bulletins (Samsung, Google, and so on) for patch availability for your specific model.
  3. Refer to the Qualcomm April 2025 Security Bulletin for the authoritative list of affected chipsets and patch information.

Read the full report for CVE-2025-21423 on our website for more details including interactive diagrams and full exploit analysis.