SecuriTricks - CVE-2025-47367

Description

Memory corruption while accessing a buffer during IOCTL processing.

Product(s) Impacted

Vendor	Product	Versions
Qualcomm	Qcm6490 Firmware Qcm6490 Qcs5430 Firmware Qcs5430 Qcs6490 Firmware Qcs6490 Video Collaboration Vc3 Platform Firmware Video Collaboration Vc3 Platform Sc8380xp Firmware Sc8380xp Snapdragon 7c\+ Gen 3 Compute Firmware Snapdragon 7c\+ Gen 3 Compute Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp-ab\) Firmware Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp-ab\) Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp-bb\) Firmware Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp-bb\) Wcd9370 Firmware Wcd9370 Wcd9375 Firmware Wcd9375 Wcd9378c Firmware Wcd9378c Wcd9380 Firmware Wcd9380 Wcd9385 Firmware Wcd9385 Wsa8830 Firmware Wsa8830 Wsa8835 Firmware Wsa8835 Wsa8840 Firmware Wsa8840 Wsa8845 Firmware Wsa8845 Wsa8845h Firmware Wsa8845h X2000077 Firmware X2000077 X2000086 Firmware X2000086 X2000090 Firmware X2000090 X2000092 Firmware X2000092 X2000094 Firmware X2000094 Xg101002 Firmware Xg101002 Xg101032 Firmware Xg101032 Xg101039 Firmware Xg101039 Fastconnect 6700 Firmware Fastconnect 6700 Fastconnect 6900 Firmware Fastconnect 6900 Fastconnect 7800 Firmware Fastconnect 7800 Qcc2072 Firmware Qcc2072 Qcm5430 Firmware Qcm5430	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	qualcomm	qcm6490_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcm6490	-	/	/	/	/	/	/	/
o	qualcomm	qcs5430_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcs5430	-	/	/	/	/	/	/	/
o	qualcomm	qcs6490_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcs6490	-	/	/	/	/	/	/	/
o	qualcomm	video_collaboration_vc3_platform_firmware	-	/	/	/	/	/	/	/
h	qualcomm	video_collaboration_vc3_platform	-	/	/	/	/	/	/	/
o	qualcomm	sc8380xp_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sc8380xp	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_7c\+_gen_3_compute_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_7c\+_gen_3_compute	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)	-	/	/	/	/	/	/	/
o	qualcomm	wcd9370_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9370	-	/	/	/	/	/	/	/
o	qualcomm	wcd9375_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9375	-	/	/	/	/	/	/	/
o	qualcomm	wcd9378c_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9378c	-	/	/	/	/	/	/	/
o	qualcomm	wcd9380_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9380	-	/	/	/	/	/	/	/
o	qualcomm	wcd9385_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9385	-	/	/	/	/	/	/	/
o	qualcomm	wsa8830_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8830	-	/	/	/	/	/	/	/
o	qualcomm	wsa8835_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8835	-	/	/	/	/	/	/	/
o	qualcomm	wsa8840_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8840	-	/	/	/	/	/	/	/
o	qualcomm	wsa8845_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8845	-	/	/	/	/	/	/	/
o	qualcomm	wsa8845h_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8845h	-	/	/	/	/	/	/	/
o	qualcomm	x2000077_firmware	-	/	/	/	/	/	/	/
h	qualcomm	x2000077	-	/	/	/	/	/	/	/
o	qualcomm	x2000086_firmware	-	/	/	/	/	/	/	/
h	qualcomm	x2000086	-	/	/	/	/	/	/	/
o	qualcomm	x2000090_firmware	-	/	/	/	/	/	/	/
h	qualcomm	x2000090	-	/	/	/	/	/	/	/
o	qualcomm	x2000092_firmware	-	/	/	/	/	/	/	/
h	qualcomm	x2000092	-	/	/	/	/	/	/	/
o	qualcomm	x2000094_firmware	-	/	/	/	/	/	/	/
h	qualcomm	x2000094	-	/	/	/	/	/	/	/
o	qualcomm	xg101002_firmware	-	/	/	/	/	/	/	/
h	qualcomm	xg101002	-	/	/	/	/	/	/	/
o	qualcomm	xg101032_firmware	-	/	/	/	/	/	/	/
h	qualcomm	xg101032	-	/	/	/	/	/	/	/
o	qualcomm	xg101039_firmware	-	/	/	/	/	/	/	/
h	qualcomm	xg101039	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_6700_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_6700	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_6900_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_6900	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_7800_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_7800	-	/	/	/	/	/	/	/
o	qualcomm	qcc2072_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcc2072	-	/	/	/	/	/	/	/
o	qualcomm	qcm5430_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcm5430	-	/	/	/	/	/	/	/

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2025-bulletin.html

CVSS Score

7.8 / 10

CVSS Data - 3.1

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

View Vector String

Timeline

Published: Nov. 4, 2025, 4:15 a.m.
Last Modified: Nov. 5, 2025, 5:16 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

CVE-2025-47367