PT-2025-50492 · Qualcomm+1 · Ipq5322+7
Published
2025-12-10
·
Updated
2026-01-21
·
CVE-2025-24857
CVSS v3.1
7.6
High
| Vector | AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Universal Boot Loader (U-Boot) versions prior to 2017.11
Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574
Description
An issue exists with access control for volatile memory that contains boot code. This could allow an attacker to execute arbitrary code.
Recommendations
Update Universal Boot Loader to version 2017.11 or later.
Update Qualcomm chips to a version that addresses this issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ipq4019
Ipq5018
Ipq5322
Ipq6018
Ipq8064
Ipq8074
Ipq9574
Universal Boot Loader