CVE-2025-47345

Q: What is the severity of CVE-2025-47345?

CVE-2025-47345 has a CVSS score of 8.4 (HIGH). A cryptographic vulnerability in license data encryption could allow attackers to decrypt or manipulate license information. This affects systems using Qualcomm components with vulnerable encryption implementations. Organizations using affected Qualcomm hardware/software are potentially impacted.

8.4 HIGH

📋 TL;DR

A cryptographic vulnerability in license data encryption could allow attackers to decrypt or manipulate license information. This affects systems using Qualcomm components with vulnerable encryption implementations. Organizations using affected Qualcomm hardware/software are potentially impacted.

💻 Affected Systems

Products:

Qualcomm chipsets and software with license management features

Versions: Specific versions not detailed in reference; check Qualcomm advisory

Operating Systems: Android, embedded systems using Qualcomm components

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems using Qualcomm's license encryption implementation

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of license validation systems leading to unauthorized software use, service disruption, or privilege escalation

🟠

Likely Case

License bypass allowing unauthorized access to premium features or services

🟢

If Mitigated

Limited impact with proper network segmentation and monitoring

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires understanding of cryptographic implementation and license system

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm January 2026 bulletin for specific versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html

Restart Required: Yes

Instructions:

1. Review Qualcomm advisory 2. Obtain updated firmware/software 3. Apply patches following vendor instructions 4. Reboot affected systems

🔧 Temporary Workarounds

Network segmentation

all

Isolate systems using Qualcomm license management from untrusted networks

License server hardening

all

Implement additional authentication and monitoring for license validation systems

🧯 If You Can't Patch

Implement strict network access controls to license management systems
Monitor for unusual license validation patterns or unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check system against Qualcomm's affected product list in advisory

Check Version:

System-specific commands vary; consult device documentation

Verify Fix Applied:

Verify firmware/software version matches patched versions in Qualcomm bulletin

📡 Detection & Monitoring

Log Indicators:

Unusual license validation failures
Multiple license requests from single source
License bypass attempts

Network Indicators:

Unexpected traffic to license servers
Protocol anomalies in license communication

SIEM Query:

Search for license validation events with unusual patterns or failures

📊 Metadata

CVE ID: CVE-2025-47345

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

CWE: CWE-323

EPSS Score: 0.01% exploit probability (1.5th percentile)

Published: January 7, 2026

Last Updated: January 27, 2026

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcs5430 Firmware by Qualcomm

Qcs615 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qcs9100 Firmware by Qualcomm

Qdu1010 Firmware by Qualcomm

Qdx1010 Firmware by Qualcomm

Qdx1011 Firmware by Qualcomm

Qep8111 Firmware by Qualcomm

Qfw7114 Firmware by Qualcomm

Qfw7124 Firmware by Qualcomm

Qmp1000 Firmware by Qualcomm

Sa7255p Firmware by Qualcomm

Sa7775p Firmware by Qualcomm

Sa8255p Firmware by Qualcomm

Sa8295p Firmware by Qualcomm

Sa8540p Firmware by Qualcomm

Sa8620p Firmware by Qualcomm

Sa8650p Firmware by Qualcomm

Sa8770p Firmware by Qualcomm

Sa8775p Firmware by Qualcomm

Sa9000p Firmware by Qualcomm

Sc8380xp Firmware by Qualcomm

Sdx80m Firmware by Qualcomm

Sm4635 Firmware by Qualcomm

Sm6475 Firmware by Qualcomm

Sm6650 Firmware by Qualcomm

Sm6650p Firmware by Qualcomm

Sm7435 Firmware by Qualcomm

Sm7635 Firmware by Qualcomm

Sm7635p Firmware by Qualcomm

Sm7675 Firmware by Qualcomm

Sm7675p Firmware by Qualcomm

Sm8635 Firmware by Qualcomm

Sm8635p Firmware by Qualcomm

Sm8650q Firmware by Qualcomm

Sm8735 Firmware by Qualcomm

Sm8750 Firmware by Qualcomm

Sm8750p Firmware by Qualcomm

Snapdragon 6 Gen 1 Mobile Platform Firmware by Qualcomm

Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm

Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm

Snapdragon X32 5g Modem Rf System Firmware by Qualcomm

Snapdragon X35 5g Modem Rf System Firmware by Qualcomm

Snapdragon X72 5g Modem Rf System Firmware by Qualcomm

Snapdragon X75 5g Modem Rf System Firmware by Qualcomm

Srv1h Firmware by Qualcomm

Srv1l Firmware by Qualcomm

Srv1m Firmware by Qualcomm