CVE-2025-47367
BaseFortify
Publication date: 2025-11-04
Last updated on: 2025-11-05
Assigner: Qualcomm, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | qcm6490_firmware | * |
| qualcomm | qcm6490 | * |
| qualcomm | qcs5430_firmware | * |
| qualcomm | qcs5430 | * |
| qualcomm | qcs6490_firmware | * |
| qualcomm | qcs6490 | * |
| qualcomm | video_collaboration_vc3_platform_firmware | * |
| qualcomm | video_collaboration_vc3_platform | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware | * |
| qualcomm | snapdragon_7c\+_gen_3_compute | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\) | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9370 | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9375 | * |
| qualcomm | wcd9378c_firmware | * |
| qualcomm | wcd9378c | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8830 | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8835 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
| qualcomm | x2000077_firmware | * |
| qualcomm | x2000077 | * |
| qualcomm | x2000086_firmware | * |
| qualcomm | x2000086 | * |
| qualcomm | x2000090_firmware | * |
| qualcomm | x2000090 | * |
| qualcomm | x2000092_firmware | * |
| qualcomm | x2000092 | * |
| qualcomm | x2000094_firmware | * |
| qualcomm | x2000094 | * |
| qualcomm | xg101002_firmware | * |
| qualcomm | xg101002 | * |
| qualcomm | xg101032_firmware | * |
| qualcomm | xg101032 | * |
| qualcomm | xg101039_firmware | * |
| qualcomm | xg101039 | * |
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6700 | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qcc2072_firmware | * |
| qualcomm | qcc2072 | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm5430 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue that occurs when accessing a buffer during IOCTL (Input/Output Control) processing. It means that improper handling of memory buffers can lead to corruption, potentially causing unexpected behavior or crashes.
How can this vulnerability impact me? :
The vulnerability can lead to severe impacts including high confidentiality, integrity, and availability risks. Exploiting this memory corruption could allow an attacker with limited privileges to execute arbitrary code, cause system crashes, or gain unauthorized access to sensitive information.