CVE-2025-47400
Received
Received - Intake
Buffer Overflow in Qualcomm Crypto Module Risks Data Corruption
Publication date: 2026-04-06
Last updated on: 2026-04-08
Assigner: Qualcomm, Inc.
Description
Description
Cryptographic issue while copying data to a destination buffer without validating its size.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | pandeiro_firmware | * |
| qualcomm | snapdragon_8_elite_gen_5_firmware | * |
| qualcomm | sw6100_firmware | * |
| qualcomm | sw6100p_firmware | * |
| qualcomm | themisto_firmware | * |
| qualcomm | wcd9395_firmware | * |
| qualcomm | wcn7860_firmware | * |
| qualcomm | wcn7861_firmware | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845h_firmware | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
