CVE-2025-47402

Unknown Unknown - Not Provided

Denial of Service via Oversized Authentication Element in Qualcomm Firmware

Publication date: 2026-02-02

Last updated on: 2026-02-11

Assigner: Qualcomm, Inc.

Description

Transient DOS when processing a received frame with an excessively large authentication information element.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-02-02

Last Modified

2026-02-11

Generated

2026-05-27

AI Q&A

2026-02-02

EPSS Evaluated

2026-05-25

NVD

CVE-2025-47402

EUVD

EUVD-2025-206612

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	sa8620p_firmware	*
qualcomm	sa8770p_firmware	*
qualcomm	sa9000p_firmware	*
qualcomm	sar2130p_firmware	*
qualcomm	sm7675_firmware	*
qualcomm	sm7675p_firmware	*
qualcomm	sm8635_firmware	*
qualcomm	sm8635p_firmware	*
qualcomm	sm8650q_firmware	*
qualcomm	sm8750p_firmware	*
qualcomm	snapdragon_8_elite_firmware	*
qualcomm	snapdragon_8_gen_3_mobile_firmware	*
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	*
qualcomm	snapdragon_x72_5g_modem-rf_firmware	*
qualcomm	snapdragon_x75_5g_modem-rf_firmware	*
qualcomm	srv1h_firmware	*
qualcomm	srv1m_firmware	*
qualcomm	ssg2115p_firmware	*
qualcomm	ssg2125p_firmware	*
qualcomm	sxr1230p_firmware	*
qualcomm	sxr2250p_firmware	*
qualcomm	wcd9340_firmware	*
qualcomm	wcd9370_firmware	*
qualcomm	wcd9375_firmware	*
qualcomm	wcd9378_firmware	*
qualcomm	wcd9378c_firmware	*
qualcomm	wcd9380_firmware	*
qualcomm	wcd9385_firmware	*
qualcomm	wcd9390_firmware	*
qualcomm	wcd9395_firmware	*
qualcomm	wcn6755_firmware	*
qualcomm	wcn7860_firmware	*
qualcomm	wcn7861_firmware	*
qualcomm	wcn7880_firmware	*
qualcomm	wcn7881_firmware	*
qualcomm	wsa8830_firmware	*
qualcomm	wsa8832_firmware	*
qualcomm	wsa8835_firmware	*
qualcomm	wsa8840_firmware	*
qualcomm	wsa8845_firmware	*
qualcomm	ar8035_firmware	*
qualcomm	cologne_firmware	*
qualcomm	fastconnect_6900_firmware	*
qualcomm	fastconnect_7800_firmware	*
qualcomm	fwa_gen_3_ultra_firmware	*
qualcomm	lemans_au_lgit_firmware	*
qualcomm	lemansau_firmware	*
qualcomm	orne_firmware	*
qualcomm	palawan25_firmware	*
qualcomm	qam8255p_firmware	*
qualcomm	qamsrv1h_firmware	*
qualcomm	qamsrv1m_firmware	*
qualcomm	qca6391_firmware	*
qualcomm	qca6554a_firmware	*
qualcomm	qca6564au_firmware	*
qualcomm	qca6574_firmware	*
qualcomm	qca6574a_firmware	*
qualcomm	qca6574au_firmware	*
qualcomm	qca6584au_firmware	*
qualcomm	qca6595_firmware	*
qualcomm	qca6595au_firmware	*
qualcomm	qca6678aq_firmware	*
qualcomm	qca6688aq_firmware	*
qualcomm	qca6696_firmware	*
qualcomm	qca6698aq_firmware	*
qualcomm	qca6698au_firmware	*
qualcomm	qca6777aq_firmware	*
qualcomm	qca6787aq_firmware	*
qualcomm	qca6797aq_firmware	*
qualcomm	qca8081_firmware	*
qualcomm	qca8337_firmware	*
qualcomm	qcc2073_firmware	*
qualcomm	qcc2076_firmware	*
qualcomm	qcc710_firmware	*
qualcomm	qcn6224_firmware	*
qualcomm	qcn6274_firmware	*
qualcomm	qcn9011_firmware	*
qualcomm	qcn9012_firmware	*
qualcomm	qcs8550_firmware	*
qualcomm	qfw7114_firmware	*
qualcomm	qfw7124_firmware	*
qualcomm	qmp1000_firmware	*
qualcomm	sa7255p_firmware	*
qualcomm	sa7775p_firmware	*
qualcomm	sa8255p_firmware	*
qualcomm	wsa8845h_firmware	*
qualcomm	x2000077_firmware	*
qualcomm	x2000086_firmware	*
qualcomm	x2000090_firmware	*
qualcomm	x2000092_firmware	*
qualcomm	x2000094_firmware	*
qualcomm	xg101002_firmware	*
qualcomm	xg101032_firmware	*
qualcomm	xg101039_firmware	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-126	The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
CWE-125	The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability is a transient denial of service (DoS) that occurs when a device processes a received frame containing an excessively large authentication information element. This causes the device to temporarily become unavailable or unresponsive.

How can this vulnerability impact me? :

The impact of this vulnerability is a temporary denial of service, meaning the affected device or system may become unresponsive or unavailable for a short period when processing maliciously crafted frames with large authentication information elements.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-47402

Denial of Service via Oversized Authentication Element in Qualcomm Firmware

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart