CVE-2025-47339

Q: What is the severity of CVE-2025-47339?

CVE-2025-47339 has a CVSS score of 7.8 (HIGH). This vulnerability involves memory corruption during HDCP session deinitialization, potentially allowing attackers to execute arbitrary code or cause denial of service. It affects systems using Qualcomm components with HDCP functionality, primarily impacting mobile devices, IoT devices, and embedded systems with Qualcomm chipsets.

7.8 HIGH

📋 TL;DR

This vulnerability involves memory corruption during HDCP session deinitialization, potentially allowing attackers to execute arbitrary code or cause denial of service. It affects systems using Qualcomm components with HDCP functionality, primarily impacting mobile devices, IoT devices, and embedded systems with Qualcomm chipsets.

💻 Affected Systems

Products:

Qualcomm chipsets with HDCP support

Versions: Specific versions not detailed in reference; check Qualcomm advisory for affected chipset models

Operating Systems: Android, Linux-based embedded systems

Default Config Vulnerable: ⚠️ Yes

Notes: Requires HDCP functionality to be enabled and used; affects devices with Qualcomm graphics/media processing components

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Application crash or denial of service affecting HDCP-protected content playback functionality.

🟢

If Mitigated

Limited impact with proper memory protection mechanisms and exploit mitigations in place.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering HDCP session deinitialization under specific conditions; memory corruption vulnerabilities can be challenging to exploit reliably

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm security bulletin for specific chipset firmware updates

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html

Restart Required: Yes

Instructions:

1. Identify your device's Qualcomm chipset model
2. Check Qualcomm security bulletin for affected chipset list
3. Obtain firmware update from device manufacturer
4. Apply update following manufacturer instructions
5. Reboot device

🔧 Temporary Workarounds

Disable HDCP functionality

all

Prevent HDCP session initialization to avoid triggering the vulnerability

Device-specific configuration varies; consult manufacturer documentation

Restrict HDCP content sources

all

Limit HDCP-protected content to trusted sources only

🧯 If You Can't Patch

Segment affected devices on isolated network segments
Implement strict application allowlisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check device specifications for Qualcomm chipset model and compare against Qualcomm's affected products list in security bulletin

Check Version:

Device-specific commands vary; typically 'cat /proc/version' or manufacturer-specific system info commands

Verify Fix Applied:

Verify firmware version matches patched version specified in manufacturer update notes

📡 Detection & Monitoring

Log Indicators:

Unexpected process crashes in media/graphics services
HDCP session initialization/deinitialization errors
Memory access violation logs

Network Indicators:

Unusual HDCP key exchange patterns
Abnormal traffic to/from media playback services

SIEM Query:

Process:MediaService AND (EventID:1000 OR ExceptionCode:c0000005)

📊 Metadata

CVE ID: CVE-2025-47339

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

EPSS Score: 0.02% exploit probability (2.5th percentile)

Published: January 7, 2026

Last Updated: January 27, 2026

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Ar9380 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Immersive Home 214 Platform Firmware by Qualcomm

Immersive Home 216 Platform Firmware by Qualcomm

Immersive Home 316 Platform Firmware by Qualcomm

Immersive Home 318 Platform Firmware by Qualcomm

Ipq4018 Firmware by Qualcomm

Ipq4019 Firmware by Qualcomm

Ipq4028 Firmware by Qualcomm

Ipq4029 Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8064 Firmware by Qualcomm

Ipq8065 Firmware by Qualcomm

Ipq8068 Firmware by Qualcomm

Ipq8070 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071 Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072 Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074 Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6428 Firmware by Qualcomm

Qca6438 Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca7500 Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9880 Firmware by Qualcomm

Qca9886 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qca9898 Firmware by Qualcomm

Qca9980 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qca9985 Firmware by Qualcomm

Qca9986 Firmware by Qualcomm

Qca9990 Firmware by Qualcomm

Qca9992 Firmware by Qualcomm

Qca9994 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm