AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-27032: memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache

highvulnerability

security

Source: NVD/CVE DatabaseSeptember 24, 2025CVE-2025-27032

Summary

CVE-2025-27032 is a memory corruption bug in Qualcomm systems that occurs when a PIL authenticated VM (a virtual machine protected with Qualcomm's authentication system) is loaded without maintaining cache coherency (keeping copies of data in different storage locations synchronized). This vulnerability allows improper access to memory regions that should be protected.

Vulnerability Details

CVSS Score

7.8(high)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-1257

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-27032

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%