1. Home
  2. CVE Database
  3. CVE-2025-21488
HIGH · 8.2

CVE-2025-21488

Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.

Vulnerability Description

Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
QualcommFastconnect 6200 Firmware-
QualcommFastconnect 6200-
QualcommFastconnect 6700 Firmware-
QualcommFastconnect 6700-
QualcommFastconnect 6900 Firmware-
QualcommFastconnect 6900-
QualcommFastconnect 7800 Firmware-
QualcommFastconnect 7800-
QualcommMsm8996Au Firmware-
QualcommMsm8996Au-
QualcommQca6564 Firmware-
QualcommQca6564-
QualcommQca6564A Firmware-
QualcommQca6564A-
QualcommQca6564Au Firmware-
QualcommQca6564Au-
QualcommQca6574 Firmware-
QualcommQca6574-
QualcommQca6574A Firmware-
QualcommQca6574A-

Related Weaknesses (CWE)

CWE-126

References

FAQ

What is CVE-2025-21488?

CVE-2025-21488 is a vulnerability with a CVSS score of 8.2 (HIGH). Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.

How severe is CVE-2025-21488?

CVE-2025-21488 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-21488?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6200, Qualcomm Fastconnect 6700 Firmware, Qualcomm Fastconnect 6700, Qualcomm Fastconnect 6900 Firmware.