CVE-2025-59601 - Vulnerability Details

Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00013.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Qualcomm	Fastconnect 7800 Fastconnect 7800 Firmware Qca7005 Qca7005 Firmware Snapdragon Snapdragon Ar1 Gen 1 Platform Snapdragon Ar1 Gen 1 Platform Firmware Wcd9380 Wcd9380 Firmware Wcd9385 Wcd9385 Firmware Wsa8830 Wsa8830 Firmware Wsa8832 Wsa8832 Firmware Wsa8835 Wsa8835 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:qca7005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca7005:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Qualcomm	Snapdragon

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html

History

Tue, 02 Jun 2026 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm qca7005 Qualcomm qca7005 Firmware Qualcomm snapdragon Ar1 Gen 1 Platform Qualcomm snapdragon Ar1 Gen 1 Platform Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9385 Qualcomm wcd9385 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware
CPEs		cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:qca7005:-:::::::* cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:qca7005_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*
Vendors & Products		Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm qca7005 Qualcomm qca7005 Firmware Qualcomm snapdragon Ar1 Gen 1 Platform Qualcomm snapdragon Ar1 Gen 1 Platform Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9385 Qualcomm wcd9385 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware

Tue, 02 Jun 2026 00:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 02 Jun 2026 00:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm snapdragon
Vendors & Products		Qualcomm Qualcomm snapdragon

Mon, 01 Jun 2026 22:30:00 +0000

Type	Values Removed	Values Added
Description		Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
Title		Exposure of Sensitive Information Through Metadata in Powerline Communication Firmware
Weaknesses		CWE-1230
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2026-06-01T22:05:23.166Z

Updated: 2026-06-01T23:48:28.597Z

Reserved: 2025-09-18T03:19:23.201Z

Link: CVE-2025-59601

Vulnrichment

Updated: 2026-06-01T23:48:25.521Z

NVD

Status : Analyzed

Published: 2026-06-01T23:16:15.477

Modified: 2026-06-02T18:00:59.050

Link: CVE-2025-59601

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T00:00:13Z

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object