CVE-2025-47338
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-11-05
Assigner: Qualcomm, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qcc2072_firmware | * |
| qualcomm | qcc2072 | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | wcd9378c_firmware | * |
| qualcomm | wcd9378c | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
| qualcomm | x2000077_firmware | * |
| qualcomm | x2000077 | * |
| qualcomm | x2000086_firmware | * |
| qualcomm | x2000086 | * |
| qualcomm | x2000090_firmware | * |
| qualcomm | x2000090 | * |
| qualcomm | x2000092_firmware | * |
| qualcomm | x2000092 | * |
| qualcomm | x2000094_firmware | * |
| qualcomm | x2000094 | * |
| qualcomm | xg101002_firmware | * |
| qualcomm | xg101002 | * |
| qualcomm | xg101032_firmware | * |
| qualcomm | xg101032 | * |
| qualcomm | xg101039_firmware | * |
| qualcomm | xg101039 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-822 | The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves memory corruption that occurs when processing escape commands from userspace. This means that when certain escape commands are handled, the system's memory can be improperly accessed or modified, potentially leading to unexpected behavior or exploitation.
How can this vulnerability impact me? :
The vulnerability can have a high impact as it affects confidentiality, integrity, and availability. An attacker with limited privileges and local access could exploit this to cause memory corruption, potentially leading to unauthorized data access, system crashes, or other malicious actions.