CVE-2025-47317

Sept. 25, 2025, 4:04 p.m.

7.8
High

Description

Memory corruption due to global buffer overflow when a test command uses an invalid payload type.

Product(s) Impacted

Vendor Product Versions
Qualcomm
  • Fastconnect 6200 Firmware
  • Fastconnect 6200
  • Fastconnect 6700 Firmware
  • Fastconnect 6700
  • Fastconnect 7800 Firmware
  • Fastconnect 7800
  • Qcc5161 Firmware
  • Qcc5161
  • Qcc710 Firmware
  • Qcc710
  • Qcc711 Firmware
  • Qcc711
  • Qcc7225 Firmware
  • Qcc7225
  • Qcc7226 Firmware
  • Qcc7226
  • Qcc7228 Firmware
  • Qcc7228
  • Qmp1000 Firmware
  • Qmp1000
  • S3 Gen 2 Sound Platform Firmware
  • S3 Gen 2 Sound Platform
  • S3 Sound Platform Firmware
  • S3 Sound Platform
  • S5 Gen 2 Sound Platform Firmware
  • S5 Gen 2 Sound Platform
  • S5 Sound Platform Firmware
  • S5 Sound Platform
  • Sm6475 Firmware
  • Sm6475
  • Sm6650 Firmware
  • Sm6650
  • Sm6650p Firmware
  • Sm6650p
  • Sm7435 Firmware
  • Sm7435
  • Sm7550 Firmware
  • Sm7550
  • Sm7550p Firmware
  • Sm7550p
  • Sm7635 Firmware
  • Sm7635
  • Sm7635p Firmware
  • Sm7635p
  • Sm7675 Firmware
  • Sm7675
  • Sm7675p Firmware
  • Sm7675p
  • Sm8635 Firmware
  • Sm8635
  • Sm8635p Firmware
  • Sm8635p
  • Sm8735 Firmware
  • Sm8735
  • Sm8750 Firmware
  • Sm8750
  • Sm8750p Firmware
  • Sm8750p
  • Snapdragon 6 Gen 1 Mobile Platform Firmware
  • Snapdragon 6 Gen 1 Mobile Platform
  • Wcd9370 Firmware
  • Wcd9370
  • Wcd9371 Firmware
  • Wcd9371
  • Wcd9375 Firmware
  • Wcd9375
  • Wcd9378 Firmware
  • Wcd9378
  • Wcd9385 Firmware
  • Wcd9385
  • Wcd9390 Firmware
  • Wcd9390
  • Wcd9395 Firmware
  • Wcd9395
  • Wcn3988 Firmware
  • Wcn3988
  • Wcn6650 Firmware
  • Wcn6650
  • Wcn6755 Firmware
  • Wcn6755
  • Wcn7750 Firmware
  • Wcn7750
  • Wcn7860 Firmware
  • Wcn7860
  • Wcn7861 Firmware
  • Wcn7861
  • Wcn7880 Firmware
  • Wcn7880
  • Wcn7881 Firmware
  • Wcn7881
  • Wsa8810 Firmware
  • Wsa8810
  • Wsa8815 Firmware
  • Wsa8815
  • Wsa8830 Firmware
  • Wsa8830
  • Wsa8832 Firmware
  • Wsa8832
  • Wsa8835 Firmware
  • Wsa8835
  • Wsa8840 Firmware
  • Wsa8840
  • Wsa8845 Firmware
  • Wsa8845
  • Wsa8845h Firmware
  • Wsa8845h
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-126
Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm fastconnect_6200_firmware - / / / / / / /
h qualcomm fastconnect_6200 - / / / / / / /
o qualcomm fastconnect_6700_firmware - / / / / / / /
h qualcomm fastconnect_6700 - / / / / / / /
o qualcomm fastconnect_7800_firmware - / / / / / / /
h qualcomm fastconnect_7800 - / / / / / / /
o qualcomm qcc5161_firmware - / / / / / / /
h qualcomm qcc5161 - / / / / / / /
o qualcomm qcc710_firmware - / / / / / / /
h qualcomm qcc710 - / / / / / / /
o qualcomm qcc711_firmware - / / / / / / /
h qualcomm qcc711 - / / / / / / /
o qualcomm qcc7225_firmware - / / / / / / /
h qualcomm qcc7225 - / / / / / / /
o qualcomm qcc7226_firmware - / / / / / / /
h qualcomm qcc7226 - / / / / / / /
o qualcomm qcc7228_firmware - / / / / / / /
h qualcomm qcc7228 - / / / / / / /
o qualcomm qmp1000_firmware - / / / / / / /
h qualcomm qmp1000 - / / / / / / /
o qualcomm s3_gen_2_sound_platform_firmware - / / / / / / /
h qualcomm s3_gen_2_sound_platform - / / / / / / /
o qualcomm s3_sound_platform_firmware - / / / / / / /
h qualcomm s3_sound_platform - / / / / / / /
o qualcomm s5_gen_2_sound_platform_firmware - / / / / / / /
h qualcomm s5_gen_2_sound_platform - / / / / / / /
o qualcomm s5_sound_platform_firmware - / / / / / / /
h qualcomm s5_sound_platform - / / / / / / /
o qualcomm sm6475_firmware - / / / / / / /
h qualcomm sm6475 - / / / / / / /
o qualcomm sm6650_firmware - / / / / / / /
h qualcomm sm6650 - / / / / / / /
o qualcomm sm6650p_firmware - / / / / / / /
h qualcomm sm6650p - / / / / / / /
o qualcomm sm7435_firmware - / / / / / / /
h qualcomm sm7435 - / / / / / / /
o qualcomm sm7550_firmware - / / / / / / /
h qualcomm sm7550 - / / / / / / /
o qualcomm sm7550p_firmware - / / / / / / /
h qualcomm sm7550p - / / / / / / /
o qualcomm sm7635_firmware - / / / / / / /
h qualcomm sm7635 - / / / / / / /
o qualcomm sm7635p_firmware - / / / / / / /
h qualcomm sm7635p - / / / / / / /
o qualcomm sm7675_firmware - / / / / / / /
h qualcomm sm7675 - / / / / / / /
o qualcomm sm7675p_firmware - / / / / / / /
h qualcomm sm7675p - / / / / / / /
o qualcomm sm8635_firmware - / / / / / / /
h qualcomm sm8635 - / / / / / / /
o qualcomm sm8635p_firmware - / / / / / / /
h qualcomm sm8635p - / / / / / / /
o qualcomm sm8735_firmware - / / / / / / /
h qualcomm sm8735 - / / / / / / /
o qualcomm sm8750_firmware - / / / / / / /
h qualcomm sm8750 - / / / / / / /
o qualcomm sm8750p_firmware - / / / / / / /
h qualcomm sm8750p - / / / / / / /
o qualcomm snapdragon_6_gen_1_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_6_gen_1_mobile_platform - / / / / / / /
o qualcomm wcd9370_firmware - / / / / / / /
h qualcomm wcd9370 - / / / / / / /
o qualcomm wcd9371_firmware - / / / / / / /
h qualcomm wcd9371 - / / / / / / /
o qualcomm wcd9375_firmware - / / / / / / /
h qualcomm wcd9375 - / / / / / / /
o qualcomm wcd9378_firmware - / / / / / / /
h qualcomm wcd9378 - / / / / / / /
o qualcomm wcd9385_firmware - / / / / / / /
h qualcomm wcd9385 - / / / / / / /
o qualcomm wcd9390_firmware - / / / / / / /
h qualcomm wcd9390 - / / / / / / /
o qualcomm wcd9395_firmware - / / / / / / /
h qualcomm wcd9395 - / / / / / / /
o qualcomm wcn3988_firmware - / / / / / / /
h qualcomm wcn3988 - / / / / / / /
o qualcomm wcn6650_firmware - / / / / / / /
h qualcomm wcn6650 - / / / / / / /
o qualcomm wcn6755_firmware - / / / / / / /
h qualcomm wcn6755 - / / / / / / /
o qualcomm wcn7750_firmware - / / / / / / /
h qualcomm wcn7750 - / / / / / / /
o qualcomm wcn7860_firmware - / / / / / / /
h qualcomm wcn7860 - / / / / / / /
o qualcomm wcn7861_firmware - / / / / / / /
h qualcomm wcn7861 - / / / / / / /
o qualcomm wcn7880_firmware - / / / / / / /
h qualcomm wcn7880 - / / / / / / /
o qualcomm wcn7881_firmware - / / / / / / /
h qualcomm wcn7881 - / / / / / / /
o qualcomm wsa8810_firmware - / / / / / / /
h qualcomm wsa8810 - / / / / / / /
o qualcomm wsa8815_firmware - / / / / / / /
h qualcomm wsa8815 - / / / / / / /
o qualcomm wsa8830_firmware - / / / / / / /
h qualcomm wsa8830 - / / / / / / /
o qualcomm wsa8832_firmware - / / / / / / /
h qualcomm wsa8832 - / / / / / / /
o qualcomm wsa8835_firmware - / / / / / / /
h qualcomm wsa8835 - / / / / / / /
o qualcomm wsa8840_firmware - / / / / / / /
h qualcomm wsa8840 - / / / / / / /
o qualcomm wsa8845_firmware - / / / / / / /
h qualcomm wsa8845 - / / / / / / /
o qualcomm wsa8845h_firmware - / / / / / / /
h qualcomm wsa8845h - / / / / / / /

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

Tags

product-security@qualcomm.com
CWE-126
2025-09-24
CVE-2025-47317

CVSS Score

7.8 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Sept. 24, 2025, 4:15 p.m.
Last Modified: Sept. 25, 2025, 4:04 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.