CVE-2025-21483
published 2025-09-24CVE-2025-21483: Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.40%
32.0th percentile
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
Affected
228 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·CVE-2025-21483 affects a closed-source component (Qualcomm/OEM firmware); no public technical details, PoC, or patch diff are available to derive concrete IOCs or detection signatures. ↗
- ·The vulnerability is triggered via a malformed RTP packet during NALU reassembly, meaning exploitation occurs at the modem/baseband layer over the air — traditional host-based IOCs (hashes, file paths, registry keys) are not applicable. ↗
- ·Severity is rated CRITICAL; patching via the 2025-09-01 Android Security Bulletin is the primary mitigation. No exploitation-in-the-wild indicators are published in the available sources. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jg77-qwrp-9pph: Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs
ghsa_unreviewed·2025-09-24
CVE-2025-21483 [CRITICAL] CWE-119 GHSA-jg77-qwrp-9pph: Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
Android
CVE-2025-21483: Closed-source component
vendor_android·2025-09-01·CVSS 9.8
CVE-2025-21483 [CRITICAL] CVE-2025-21483: Closed-source component
Android Security Bulletin 2025-09-01
CVE: CVE-2025-21483
Severity: CRITICAL
Component: Closed-source component
References: A-400449682
*
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-24
Published