CVE-2016-6725

CRITICAL

Android < 7.0 - Remote Code Execution in Qualcomm Crypto Driver

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-6725. PoCs published by codecat007.

AI-analyzed exploit summary The repository claims to contain a PoC for CVE-2016-6725 but the poc.c file is empty. The README provides references and credits but no functional exploit code or technical details.

Description

A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970.

Exploits (1)

github STUB 8 stars

by codecat007 · cpoc

https://github.com/codecat007/cvehub/tree/main/android/kernel/CVE-2016-6725

View Code ZIP pw:eip

The repository claims to contain a PoC for CVE-2016-6725 but the poc.c file is empty. The README provides references and credits but no functional exploit code or technical details.

Classification

Stub 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: Android Kernel

No auth needed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94182

Vendor Advisory x_refsource_confirm

https://source.android.com/security/bulletin/2016-11-01.html

Scores

CVSS v3 9.8

EPSS 0.0306

EPSS Percentile 87.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-284

Status published

Products (3)

google/android < 7.0

Google Inc./Android Kernel-3.10

Google Inc./Android Kernel-3.18

Published Nov 25, 2016

Tracked Since Feb 18, 2026