| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2025-27060
Vulnerability Database
CVE-2025-27060
Base Score
HIGH
8.8
CVE-2025-27060
Memory corruption while performing SCM call with malformed inputs.
Vector
LOCAL
Published By
product-security@qualcomm.com
Published Date
Oct 09, 2025, 04:16
Weakness Type (CWE)
:
CWE-822
CVSS Metrics
CVSS v3.1
Base Score
8.8
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
NONE
Scope (S)
CHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
References
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html
Base Score
HIGH
8.8
Weakness Type (CWE)
:
CWE-822
CVSS Metrics
CVSS v3.1
Base Score
8.8
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
NONE
Scope (S)
CHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
