CVE-2025-47357
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-04

Last updated on: 2025-11-05

Assigner: Qualcomm, Inc.

Description
Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-04
Last Modified
2025-11-05
Generated
2026-06-16
AI Q&A
2025-11-04
EPSS Evaluated
2026-06-14
NVD
CVE-2025-47357
EUVD
EUVD-2025-37619
Affected Vendors & Products
Showing 48 associated CPEs
Vendor Product Version / Range
qualcomm qam8255p_firmware *
qualcomm qam8255p *
qualcomm qam8620p_firmware *
qualcomm qam8620p *
qualcomm qam8650p_firmware *
qualcomm qam8650p *
qualcomm qam8775p_firmware *
qualcomm qam8775p *
qualcomm qamsrv1h_firmware *
qualcomm qamsrv1h *
qualcomm qamsrv1m_firmware *
qualcomm qamsrv1m *
qualcomm qca6595_firmware *
qualcomm qca6595 *
qualcomm qca6595au_firmware *
qualcomm qca6595au *
qualcomm qca6678aq_firmware *
qualcomm qca6678aq *
qualcomm qca6696_firmware *
qualcomm qca6696 *
qualcomm qca6698aq_firmware *
qualcomm qca6698aq *
qualcomm qca6797aq_firmware *
qualcomm qca6797aq *
qualcomm qcs9100_firmware *
qualcomm qcs9100 *
qualcomm sa7255p_firmware *
qualcomm sa7255p *
qualcomm sa7775p_firmware *
qualcomm sa7775p *
qualcomm sa8255p_firmware *
qualcomm sa8255p *
qualcomm sa8620p_firmware *
qualcomm sa8620p *
qualcomm sa8650p_firmware *
qualcomm sa8650p *
qualcomm sa8770p_firmware *
qualcomm sa8770p *
qualcomm sa8775p_firmware *
qualcomm sa8775p *
qualcomm sa9000p_firmware *
qualcomm sa9000p *
qualcomm srv1h_firmware *
qualcomm srv1h *
qualcomm srv1l_firmware *
qualcomm srv1l *
qualcomm srv1m_firmware *
qualcomm srv1m *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves information disclosure that occurs when a user-level driver performs read or write operations on QFPROM Fuse regions. This means sensitive data stored in these Fuse regions can be exposed due to improper access controls.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information, potentially compromising system confidentiality and integrity. It may allow attackers to access or modify critical data, resulting in high impact on confidentiality and availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-47357. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart