CVE-2025-47338

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption when processing escape commands from userspace, potentially leading to arbitrary code execution or system crashes. It affects systems using Qualcomm components that process these commands, primarily impacting embedded devices and mobile platforms.

💻 Affected Systems

Products:
  • Qualcomm chipsets and associated firmware
Versions: Specific versions listed in Qualcomm October 2025 security bulletin
Operating Systems: Android, Linux-based embedded systems
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Qualcomm components that process userspace escape commands

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with kernel privileges leading to complete system compromise

🟠 Likely Case: System instability, crashes, or denial of service

🟢 If Mitigated: Contained impact with proper memory protections and exploit mitigations

🌐 Internet-Facing: MEDIUM - Requires specific command processing interface exposure
🏢 Internal Only: MEDIUM - Depends on internal service configurations

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to send crafted escape commands to vulnerable interface

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions specified in Qualcomm October 2025 security bulletin

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for specific affected components
2. Obtain firmware updates from device manufacturer
3. Apply updates following manufacturer instructions
4. Reboot system

🔧 Temporary Workarounds

Restrict userspace command access (Linux)

Limit access to interfaces that process escape commands

# Review and restrict permissions on relevant device nodes
# Example: chmod 600 /dev/qualcomm_interface
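
One way to carry out the permission review described above, as an added example that is not from the Qualcomm advisory or this page's source: a shell function that reports every node whose mode grants access beyond its owner, so it can be tightened with chmod. The function name `audit_nodes` is hypothetical, the node paths are supplied by the operator (`/dev/qualcomm_interface` above is only an example name), and a `stat` that supports `-c` (GNU coreutils, toybox) is assumed.

```shell
#!/bin/sh
# Added example: report nodes whose permissions are looser than owner-only.
# Usage: sh audit_nodes.sh PATH...   (paths chosen by the operator)

# Print "MODE OWNER:GROUP PATH" for each given path whose group or other
# permission digits are non-zero, i.e. anything looser than 0600/0700.
audit_nodes() {
    for node in "$@"; do
        if [ ! -e "$node" ]; then
            echo "skip (missing): $node" >&2
            continue
        fi
        # %a = octal mode without leading zeros, %U:%G = owner and group
        mode=$(stat -c '%a' "$node") || continue
        owner=$(stat -c '%U:%G' "$node") || continue
        case "$mode" in
            0|*00)
                # Group and other digits are both zero: owner-only access
                ;;
            *)
                # Group and/or other can reach the node: candidate for chmod 600
                echo "$mode $owner $node"
                ;;
        esac
    done
    return 0
}

# Run the audit when paths are passed on the command line.
if [ "$#" -gt 0 ]; then
    audit_nodes "$@"
fi
```

The owner column matters as much as the mode: a node at 600 owned by an unprivileged account is still reachable by that account.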

🧯 If You Can't Patch

  • Implement strict input validation for escape command processing
  • Deploy memory protection mechanisms like ASLR and stack canaries

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm component versions against October 2025 security bulletin

Check Version:

# Check Qualcomm component versions specific to device manufacturer

Verify Fix Applied:

Verify firmware version matches patched versions in advisory

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Memory corruption warnings
  • Unexpected process termination

Network Indicators:

  • Unusual command sequences to device interfaces

SIEM Query:

source="kernel" AND ("panic" OR "corruption" OR "segfault")
