Security Vulnerabilities - CVEs Published In April 2025
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-07
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-07
Memory corruption while processing multiple IOCTL calls from HLOS to DSP.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
Memory corruption while processing escape code in API.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-07
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-07
Memory corruption may occur due top improper access control in HAB process.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-04-07
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-04-07
Memory corruption while processing IOCTL calls to add route entry in the HW.
CVSS Score
6.6
EPSS Score
0.001
Published
2025-04-07
Information disclosure while creating MQ channels.
CVSS Score
7.7
EPSS Score
0.001
Published
2025-04-07
Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.
CVSS Score
6.2
EPSS Score
0.001
Published
2025-04-07