1. Home
  2. CVE Database
  3. CVE-2025-21450
CRITICAL · 9.1

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

Vulnerability Description

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
QualcommAr8035 Firmware-
QualcommAr8035-
QualcommFastconnect 6200 Firmware-
QualcommFastconnect 6200-
QualcommFastconnect 6700 Firmware-
QualcommFastconnect 6700-
QualcommFastconnect 6900 Firmware-
QualcommFastconnect 6900-
QualcommFastconnect 7800 Firmware-
QualcommFastconnect 7800-
QualcommWcd9378 Firmware-
QualcommWcd9378-
QualcommWcd9380 Firmware-
QualcommWcd9380-
QualcommWcd9385 Firmware-
QualcommWcd9385-
QualcommWcd9390 Firmware-
QualcommWcd9390-
QualcommWcd9395 Firmware-
QualcommWcd9395-

Related Weaknesses (CWE)

CWE-287CWE-863

References

FAQ

What is CVE-2025-21450?

CVE-2025-21450 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Cryptographic issue occurs due to use of insecure connection method while downloading.

How severe is CVE-2025-21450?

CVE-2025-21450 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-21450?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6200, Qualcomm Fastconnect 6700 Firmware.