CVE-2025-47322

Q: What is the severity of CVE-2025-47322?

CVE-2025-47322 has a CVSS score of 7.8 (HIGH). This vulnerability allows attackers to cause memory corruption through improper handling of IOCTL calls when setting modes. Successful exploitation could lead to privilege escalation or denial of service. This affects systems using Qualcomm components with vulnerable drivers.

7.8 HIGH

📋 TL;DR

This vulnerability allows attackers to cause memory corruption through improper handling of IOCTL calls when setting modes. Successful exploitation could lead to privilege escalation or denial of service. This affects systems using Qualcomm components with vulnerable drivers.

💻 Affected Systems

Products:

Qualcomm chipsets with vulnerable drivers

Versions: Specific versions not detailed in reference, check Qualcomm advisory

Operating Systems: Android, Linux-based systems using Qualcomm drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems with Qualcomm hardware and corresponding vulnerable driver implementations

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains kernel-level privileges leading to complete system compromise

🟠

Likely Case

Local privilege escalation allowing unauthorized access to system resources

🟢

If Mitigated

Denial of service through system crash or instability

🌐 Internet-Facing: LOW - Requires local access to vulnerable driver interface

🏢 Internal Only: MEDIUM - Internal users with local access could exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to make IOCTL calls to vulnerable driver

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm December 2025 security bulletin

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset/driver versions. 2. Apply vendor-provided firmware/driver updates. 3. Reboot system to load patched driver.

🔧 Temporary Workarounds

Restrict driver access

linux

Limit access to vulnerable driver interface using permissions

chmod 600 /dev/vulnerable_driver_device

🧯 If You Can't Patch

Implement strict access controls to limit which users can interact with driver interfaces
Monitor for unusual IOCTL calls or driver access patterns

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm chipset/driver version against advisory

Check Version:

cat /proc/version or check device firmware version

Verify Fix Applied:

Verify driver version has been updated to patched version

📡 Detection & Monitoring

Log Indicators:

Unusual IOCTL calls to driver interfaces
System crashes or kernel panics

Network Indicators:

Not network exploitable - local only

SIEM Query:

Process making unusual IOCTL calls to driver interfaces

📊 Metadata

CVE ID: CVE-2025-47322

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

EPSS Score: 0.02% exploit probability (2.5th percentile)

Published: December 18, 2025

Last Updated: January 28, 2026

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca2066 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcn9011 Firmware by Qualcomm

Qcn9012 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs7230 Firmware by Qualcomm

Qcs8250 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Qdu1010 Firmware by Qualcomm

Qdx1010 Firmware by Qualcomm

Qdx1011 Firmware by Qualcomm

Qep8111 Firmware by Qualcomm

Qfw7114 Firmware by Qualcomm

Qfw7124 Firmware by Qualcomm

Qrb5165n Firmware by Qualcomm

Robotics Rb5 Platform Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa7255p Firmware by Qualcomm

Sa7775p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sa8255p Firmware by Qualcomm

Sa8295p Firmware by Qualcomm

Sa8620p Firmware by Qualcomm

Sa8650p Firmware by Qualcomm

Sa8770p Firmware by Qualcomm

Sa8775p Firmware by Qualcomm

Sa9000p Firmware by Qualcomm

Sg4150p Firmware by Qualcomm

Sg8275 Firmware by Qualcomm

Sg8275p Firmware by Qualcomm

Sm7550 Firmware by Qualcomm

Sm7550p Firmware by Qualcomm

Sm8550p Firmware by Qualcomm

Smart Audio 400 Platform Firmware by Qualcomm

Snapdragon 460 Mobile Platform Firmware by Qualcomm

Snapdragon 662 Mobile Platform Firmware by Qualcomm

Snapdragon 680 4g Mobile Platform Firmware by Qualcomm

Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware by Qualcomm

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm