CVE-2025-47387
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-12-18
Last updated on: 2026-01-28
Assigner: Qualcomm, Inc.
Description
Description
Memory Corruption when processing IOCTLs for JPEG data without verification.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | aqt1000_firmware | * |
| qualcomm | aqt1000 | * |
| qualcomm | fastconnect_6200_firmware | * |
| qualcomm | fastconnect_6200 | * |
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6700 | * |
| qualcomm | fastconnect_6800_firmware | * |
| qualcomm | fastconnect_6800 | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qca6391_firmware | * |
| qualcomm | qca6391 | * |
| qualcomm | qca6420_firmware | * |
| qualcomm | qca6420 | * |
| qualcomm | qca6430_firmware | * |
| qualcomm | qca6430 | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm5430 | * |
| qualcomm | qcm6490_firmware | * |
| qualcomm | qcm6490 | * |
| qualcomm | qcs5430_firmware | * |
| qualcomm | qcs5430 | * |
| qualcomm | qcs6490_firmware | * |
| qualcomm | qcs6490 | * |
| qualcomm | video_collaboration_vc3_platform_firmware | * |
| qualcomm | video_collaboration_vc3_platform | * |
| qualcomm | sc8180x\+sdx55_firmware | * |
| qualcomm | sc8180x\+sdx55 | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | sm6250_firmware | * |
| qualcomm | sm6250 | * |
| qualcomm | snapdragon_7c_compute_platform_\(sc7180-ac\)_firmware | * |
| qualcomm | snapdragon_7c_compute_platform_\(sc7180-ac\) | * |
| qualcomm | snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_firmware | * |
| qualcomm | snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\) | * |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware | * |
| qualcomm | snapdragon_7c\+_gen_3_compute | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\)_firmware | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\) | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmware | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180xp-ad\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-ac\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-af\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\) | * |
| qualcomm | wcd9340_firmware | * |
| qualcomm | wcd9340 | * |
| qualcomm | wcd9341_firmware | * |
| qualcomm | wcd9341 | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9370 | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9375 | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8810_firmware | * |
| qualcomm | wsa8810 | * |
| qualcomm | wsa8815_firmware | * |
| qualcomm | wsa8815 | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8830 | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8835 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-822 | The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue that occurs when processing IOCTLs (Input/Output Control codes) for JPEG data without proper verification. This means that the system does not adequately check the JPEG data being handled, which can lead to memory corruption.
How can this vulnerability impact me? :
The vulnerability can lead to serious impacts including high confidentiality, integrity, and availability risks. An attacker with low privileges and local access could exploit this to corrupt memory, potentially causing crashes, data corruption, or execution of arbitrary code.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70