Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
Critical

Remote Code Execution in Qualcomm Multi-Mode Call Processor PLMN Selection Handling

IdentifiersCVE-2025-27034CWE-129· Improper Validation of Array Index

CVE-2025-27034 is a critical memory corruption vulnerability in a Qualcomm closed-source component, described as occurring while selecting a Public Land Mobile Network (PLMN) from the Steering of Roaming (SoR) failed list. The available context indicates the flaw is in Qualcomm's Multi-Mode Call Processor / modem firmware and is triggered when malformed PLMN selection responses are processed. The root cause is reported as improper validation of array indices, leading to out-of-bounds memory corruption during PLMN selection handling. Because the vulnerable code executes in the modem/baseband processing path, exploitation can occur remotely via crafted network-originated messages and does not require user interaction.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can result in remote code execution in the Qualcomm modem/baseband environment. Given the affected component is the modem firmware rather than only the main application processor, compromise may provide elevated privileges within the communications subsystem, potentially enabling persistent control of the baseband, bypass of some higher-layer security controls, and broader compromise of affected smartphones, IoT devices, and automotive platforms. The provided context also states the vulnerability has been exploited in the wild.

Mitigation

If you can’t patch tonight, do this now.

Where immediate patching is not possible, reduce exposure by prioritizing patch deployment on internet-exposed or high-risk mobile fleets, monitoring for anomalous modem/network behavior, and using carrier/OEM-provided firmware integrity and security monitoring where available. Detection options mentioned in the provided context include network traffic analysis, system log monitoring, behavioral analysis, firmware integrity checks, SIEM correlation, and regular vulnerability scanning. However, because this is a baseband/modem flaw, mitigation short of patching is limited.

Remediation

Patch, then assume compromise.

Apply vendor patches from Qualcomm and downstream device OEM updates. The provided context states fixes were included in the September 2025 Android security updates and integrated into AOSP versions 15 and 16, with protection available at security patch level 2025-09-05 or later. Devices should be updated to firmware builds from the OEM that incorporate Qualcomm's fix for CVE-2025-27034.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
Qualcomm315 5g Iot Modem Firmwareoperating_system
QualcommAr8035 Firmwareoperating_system
QualcommFastconnect 6200 Firmwareoperating_system
QualcommFastconnect 6700 Firmwareoperating_system
QualcommFastconnect 6800 Firmwareoperating_system
QualcommFastconnect 6900 Firmwareoperating_system
QualcommFastconnect 7800 Firmwareoperating_system
QualcommQca6174a Firmwareoperating_system
QualcommQca6391 Firmwareoperating_system
QualcommQca6574a Firmwareoperating_system
QualcommQca6584au Firmwareoperating_system
QualcommQca6595au Firmwareoperating_system
QualcommQca6696 Firmwareoperating_system
QualcommQca6698aq Firmwareoperating_system
QualcommQca8081 Firmwareoperating_system
QualcommQca8337 Firmwareoperating_system
QualcommQcc710 Firmwareoperating_system
QualcommQcm4490 Firmwareoperating_system
QualcommQcm5430 Firmwareoperating_system
QualcommQcm6490 Firmwareoperating_system
QualcommQcm8550 Firmwareoperating_system
QualcommQcn6024 Firmwareoperating_system
QualcommQcn6224 Firmwareoperating_system
QualcommQcn6274 Firmwareoperating_system
QualcommQcn9024 Firmwareoperating_system
QualcommQcs4490 Firmwareoperating_system
QualcommQcs5430 Firmwareoperating_system
QualcommQcs6490 Firmwareoperating_system
QualcommQcs8550 Firmwareoperating_system
QualcommQep8111 Firmwareoperating_system
QualcommQfw7114 Firmwareoperating_system
QualcommQfw7124 Firmwareoperating_system
QualcommSd 8 Gen1 5g Firmwareoperating_system
QualcommSdx55 Firmwareoperating_system
QualcommSdx57m Firmwareoperating_system
QualcommSdx61 Firmwareoperating_system
QualcommSdx71m Firmwareoperating_system
QualcommSdx80m Firmwareoperating_system
QualcommSg8275p Firmwareoperating_system
QualcommSm4635 Firmwareoperating_system
QualcommSm6650 Firmwareoperating_system
QualcommSm7250p Firmwareoperating_system
QualcommSm7325p Firmwareoperating_system
QualcommSm7635 Firmwareoperating_system
QualcommSm7675 Firmwareoperating_system
QualcommSm7675p Firmwareoperating_system
QualcommSm8550p Firmwareoperating_system
QualcommSm8635 Firmwareoperating_system
QualcommSm8635p Firmwareoperating_system
QualcommSm8650q Firmwareoperating_system
QualcommSm8750 Firmwareoperating_system
QualcommSm8750p Firmwareoperating_system
QualcommSnapdragon 4 Gen 1 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 480 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 480+ 5g Mobile Platform (Sm4350-Ac) Firmwareoperating_system
QualcommSnapdragon 690 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 695 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 765 5g Mobile Platform (Sm7250-Aa) Firmwareoperating_system
QualcommSnapdragon 765g 5g Mobile Platform (Sm7250-Ab) Firmwareoperating_system
QualcommSnapdragon 768g 5g Mobile Platform (Sm7250-Ac) Firmwareoperating_system
QualcommSnapdragon 778g 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 778g+ 5g Mobile Platform (Sm7325-Ae) Firmwareoperating_system
QualcommSnapdragon 780g 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 782g Mobile Platform (Sm7325-Af) Firmwareoperating_system
QualcommSnapdragon 7c+ Gen 3 Compute Firmwareoperating_system
QualcommSnapdragon 8 Gen 1 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 8 Gen 2 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 8 Gen 3 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 8+ Gen 1 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 8+ Gen 2 Mobile Platform Firmwareoperating_system
QualcommSnapdragon 865 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 865+ 5g Mobile Platform (Sm8250-Ab) Firmwareoperating_system
QualcommSnapdragon 870 5g Mobile Platform (Sm8250-Ac) Firmwareoperating_system
QualcommSnapdragon 888 5g Mobile Platform Firmwareoperating_system
QualcommSnapdragon 888+ 5g Mobile Platform (Sm8350-Ac) Firmwareoperating_system
QualcommSnapdragon Auto 5g Modem-Rf Firmwareoperating_system
QualcommSnapdragon Auto 5g Modem-Rf Gen 2 Firmwareoperating_system
QualcommSnapdragon X35 5g Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X55 5g Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X62 5g Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X65 5g Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X70 Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X72 5g Modem-Rf System Firmwareoperating_system
QualcommSnapdragon X75 5g Modem-Rf System Firmwareoperating_system
QualcommVideo Collaboration Vc3 Platform Firmwareoperating_system
QualcommWcd9340 Firmwareoperating_system
QualcommWcd9341 Firmwareoperating_system
QualcommWcd9360 Firmwareoperating_system
QualcommWcd9370 Firmwareoperating_system
QualcommWcd9375 Firmwareoperating_system
QualcommWcd9378 Firmwareoperating_system
QualcommWcd9380 Firmwareoperating_system
QualcommWcd9385 Firmwareoperating_system
QualcommWcd9390 Firmwareoperating_system
QualcommWcd9395 Firmwareoperating_system
QualcommWcn3950 Firmwareoperating_system
QualcommWcn3988 Firmwareoperating_system
QualcommWcn6450 Firmwareoperating_system
QualcommWcn6650 Firmwareoperating_system
QualcommWcn6740 Firmwareoperating_system
QualcommWcn6755 Firmwareoperating_system
QualcommWcn7860 Firmwareoperating_system
QualcommWcn7861 Firmwareoperating_system
QualcommWcn7880 Firmwareoperating_system
QualcommWcn7881 Firmwareoperating_system
QualcommWsa8810 Firmwareoperating_system
QualcommWsa8815 Firmwareoperating_system
QualcommWsa8830 Firmwareoperating_system
QualcommWsa8832 Firmwareoperating_system
QualcommWsa8835 Firmwareoperating_system
QualcommWsa8840 Firmwareoperating_system
QualcommWsa8845 Firmwareoperating_system
QualcommWsa8845h Firmwareoperating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

15 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

15 SOURCESView more in app
zeropath blogNews
Sep 24, 2025
Qualcomm Multi-Mode Call Processor CVE-2025-27034: Brief Summary of a Critical Memory Corruption Vulnerability - ZeroPath Blog | ZeroPath

A critical memory corruption vulnerability in Qualcomm's Multi-Mode Call Processor during PLMN selection from the Steering of Roaming failed list, allowing remote code execution without user interaction.

Read more
the hacker newsNews
Sep 8, 2025
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Unknown (listed as a trending/high-risk CVE associated with Qualcomm; no technical details provided in the content).

Read more
android security bulletinNews
Sep 2, 2025
Android Security Bulletin—September 2025

A critical vulnerability in a Qualcomm closed-source component affecting Android devices, details provided by Qualcomm.

Read more
android security bulletinNews
Sep 2, 2025
Android Security Bulletin—September 2025

A critical vulnerability in a Qualcomm closed-source component affecting Android devices, details provided by Qualcomm.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity11

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2025-27034
NVD
nvd.nist.gov/vuln/detail/CVE-2025-27034
MITRE CWE · CWE-129
Improper Validation of Array Index
Vendor Advisory
docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html