CVE-2025-47369

5.5 MEDIUM

📋 TL;DR

This vulnerability allows information disclosure when a weak hashed value is returned to userland code in response to an IOCTL call to obtain a session ID. Attackers can potentially extract sensitive session information. This affects systems using Qualcomm components that implement this vulnerable IOCTL interface.

💻 Affected Systems

Products:

• Qualcomm chipsets and devices using affected drivers

Versions: Specific versions not detailed in reference

Operating Systems: Android, Linux-based systems with Qualcomm drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Requires local access or ability to execute userland code

📦 What is this software?

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Fastconnect 6200 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6200 Firmware →

Fastconnect 6700 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6700 Firmware →

Fastconnect 6800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6800 Firmware →

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fastconnect 7800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 7800 Firmware →

Flight Rb5 5g Platform Firmware by Qualcomm

View all CVEs affecting Flight Rb5 5g Platform Firmware →

Mdm9628 Firmware by Qualcomm

View all CVEs affecting Mdm9628 Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6564a Firmware by Qualcomm

View all CVEs affecting Qca6564a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca6698au Firmware by Qualcomm

View all CVEs affecting Qca6698au Firmware →

Qca6797aq Firmware by Qualcomm

View all CVEs affecting Qca6797aq Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4490 Firmware by Qualcomm

View all CVEs affecting Qcm4490 Firmware →

Qcm5430 Firmware by Qualcomm

View all CVEs affecting Qcm5430 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn9011 Firmware by Qualcomm

View all CVEs affecting Qcn9011 Firmware →

Qcn9012 Firmware by Qualcomm

View all CVEs affecting Qcn9012 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4490 Firmware by Qualcomm

View all CVEs affecting Qcs4490 Firmware →

Qcs5430 Firmware by Qualcomm

View all CVEs affecting Qcs5430 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs615 Firmware by Qualcomm

View all CVEs affecting Qcs615 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qcs7230 Firmware by Qualcomm

View all CVEs affecting Qcs7230 Firmware →

Qcs8550 Firmware by Qualcomm

View all CVEs affecting Qcs8550 Firmware →

Qcs9100 Firmware by Qualcomm

View all CVEs affecting Qcs9100 Firmware →

Qmp1000 Firmware by Qualcomm

View all CVEs affecting Qmp1000 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qualcomm 215 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Qualcomm 215 Mobile Platform Firmware →

Robotics Rb2 Platform Firmware by Qualcomm

View all CVEs affecting Robotics Rb2 Platform Firmware →

Robotics Rb5 Platform Firmware by Qualcomm

View all CVEs affecting Robotics Rb5 Platform Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd660 Firmware by Qualcomm

View all CVEs affecting Sd660 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sdx61 Firmware by Qualcomm

View all CVEs affecting Sdx61 Firmware →

Sg8275 Firmware by Qualcomm

View all CVEs affecting Sg8275 Firmware →

Sg8275p Firmware by Qualcomm

View all CVEs affecting Sg8275p Firmware →

Sm6225p Firmware by Qualcomm

View all CVEs affecting Sm6225p Firmware →

Sm6650 Firmware by Qualcomm

View all CVEs affecting Sm6650 Firmware →

Sm6650p Firmware by Qualcomm

View all CVEs affecting Sm6650p Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm7435 Firmware by Qualcomm

View all CVEs affecting Sm7435 Firmware →

Sm7550 Firmware by Qualcomm

View all CVEs affecting Sm7550 Firmware →

Sm7550p Firmware by Qualcomm

View all CVEs affecting Sm7550p Firmware →

Sm7635 Firmware by Qualcomm

View all CVEs affecting Sm7635 Firmware →

Sm7635p Firmware by Qualcomm

View all CVEs affecting Sm7635p Firmware →

Sm7675 Firmware by Qualcomm

View all CVEs affecting Sm7675 Firmware →

Sm7675p Firmware by Qualcomm

View all CVEs affecting Sm7675p Firmware →

Sm8475p Firmware by Qualcomm

View all CVEs affecting Sm8475p Firmware →

Sm8550p Firmware by Qualcomm

View all CVEs affecting Sm8550p Firmware →

Sm8635 Firmware by Qualcomm

View all CVEs affecting Sm8635 Firmware →

Sm8635p Firmware by Qualcomm

View all CVEs affecting Sm8635p Firmware →

Sm8650q Firmware by Qualcomm

View all CVEs affecting Sm8650q Firmware →

Sm8735 Firmware by Qualcomm

View all CVEs affecting Sm8735 Firmware →

Sm8750 Firmware by Qualcomm

View all CVEs affecting Sm8750 Firmware →

Sm8750p Firmware by Qualcomm

View all CVEs affecting Sm8750p Firmware →

Smart Audio 400 Platform Firmware by Qualcomm

View all CVEs affecting Smart Audio 400 Platform Firmware →

Snapdragon 4 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 1 Mobile Platform Firmware →

Snapdragon 4 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 2 Mobile Platform Firmware →

Snapdragon 460 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 460 Mobile Platform Firmware →

Snapdragon 480 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →

Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 480\+ 5g Mobile Platform \(sm4350 Ac\) Firmware →

Snapdragon 6 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 6 Gen 1 Mobile Platform Firmware →

Snapdragon 660 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 660 Mobile Platform Firmware →

Snapdragon 662 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 662 Mobile Platform Firmware →

Snapdragon 680 4g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 680 4g Mobile Platform Firmware →

Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware →

Snapdragon 690 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 690 5g Mobile Platform Firmware →

Snapdragon 695 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 695 5g Mobile Platform Firmware →

Snapdragon 7 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 7 Gen 1 Mobile Platform Firmware →

Snapdragon 7\+ Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 7\+ Gen 2 Mobile Platform Firmware →

Snapdragon 765 5g Mobile Platform \(sm7250 Aa\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 765 5g Mobile Platform \(sm7250 Aa\) Firmware →

Snapdragon 765g 5g Mobile Platform \(sm7250 Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 765g 5g Mobile Platform \(sm7250 Ab\) Firmware →

Snapdragon 768g 5g Mobile Platform \(sm7250 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 768g 5g Mobile Platform \(sm7250 Ac\) Firmware →

Snapdragon 778g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Platform Firmware →

Snapdragon 778g\+ 5g Mobile Platform \(sm7325 Ae\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g\+ 5g Mobile Platform \(sm7325 Ae\) Firmware →

Snapdragon 782g Mobile Platform \(sm7325 Af\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 782g Mobile Platform \(sm7325 Af\) Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 3 Mobile Platform Firmware →

Snapdragon 865 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →

Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 865\+ 5g Mobile Platform \(sm8250 Ab\) Firmware →

Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Mobile Platform \(sm8250 Ac\) Firmware →

Snapdragon 888 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Platform Firmware →

Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware by Qualcomm

View all CVEs affecting Snapdragon 888\+ 5g Mobile Platform \(sm8350 Ac\) Firmware →

Snapdragon Ar1 Gen 1 Platform \"luna1\" Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar1 Gen 1 Platform \"luna1\" Firmware →

Snapdragon Ar1 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar1 Gen 1 Platform Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Snapdragon X12 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X12 Lte Modem Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Sxr2250p Firmware by Qualcomm

View all CVEs affecting Sxr2250p Firmware →

Sxr2330p Firmware by Qualcomm

View all CVEs affecting Sxr2330p Firmware →

Sxr2350p Firmware by Qualcomm

View all CVEs affecting Sxr2350p Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Video Collaboration Vc5 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc5 Platform Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9371 Firmware by Qualcomm

View all CVEs affecting Wcd9371 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9378 Firmware by Qualcomm

View all CVEs affecting Wcd9378 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcd9390 Firmware by Qualcomm

View all CVEs affecting Wcd9390 Firmware →

Wcd9395 Firmware by Qualcomm

View all CVEs affecting Wcd9395 Firmware →

Wcn3615 Firmware by Qualcomm

View all CVEs affecting Wcn3615 Firmware →

Wcn3660b Firmware by Qualcomm

View all CVEs affecting Wcn3660b Firmware →

Wcn3680b Firmware by Qualcomm

View all CVEs affecting Wcn3680b Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn6650 Firmware by Qualcomm

View all CVEs affecting Wcn6650 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6755 Firmware by Qualcomm

View all CVEs affecting Wcn6755 Firmware →

Wcn7750 Firmware by Qualcomm

View all CVEs affecting Wcn7750 Firmware →

Wcn7860 Firmware by Qualcomm

View all CVEs affecting Wcn7860 Firmware →

Wcn7861 Firmware by Qualcomm

View all CVEs affecting Wcn7861 Firmware →

Wcn7880 Firmware by Qualcomm

View all CVEs affecting Wcn7880 Firmware →

Wcn7881 Firmware by Qualcomm

View all CVEs affecting Wcn7881 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

Wsa8840 Firmware by Qualcomm

View all CVEs affecting Wsa8840 Firmware →

Wsa8845 Firmware by Qualcomm

View all CVEs affecting Wsa8845 Firmware →

Wsa8845h Firmware by Qualcomm

View all CVEs affecting Wsa8845h Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Session hijacking leading to unauthorized access to sensitive systems or data

🟠

Likely Case

Information leakage about session states or system internals

🟢

If Mitigated

Limited information disclosure with no direct access to sensitive data

🌐 Internet-Facing: LOW with brief explanation

🏢 Internal Only: MEDIUM with brief explanation

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires ability to make IOCTL calls and understand returned hash values

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm January 2026 security bulletin

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for specific patches. 2. Apply vendor-provided firmware/driver updates. 3. Reboot affected systems.

🔧 Temporary Workarounds

Restrict IOCTL access

linux

Limit which processes can make IOCTL calls to affected drivers

Copy

Use SELinux/AppArmor policies to restrict driver access

🧯 If You Can't Patch

• Implement strict access controls to prevent unauthorized userland code execution
• Monitor for unusual IOCTL calls to session-related drivers

🔍 How to Verify

Check if Vulnerable:

Copy

Check Qualcomm chipset/driver versions against advisory

Check Version:

Copy

Check device firmware/driver versions via manufacturer tools

Verify Fix Applied:

Copy

Verify updated driver/firmware versions match patched versions in advisory

📡 Detection & Monitoring

Log Indicators:

• Unusual IOCTL calls to session-related drivers
• Multiple failed session ID requests

Network Indicators:

• Not network exploitable - local vulnerability

SIEM Query:

Copy

Process making unusual IOCTL calls to driver interfaces

📊 Metadata

CVE ID: CVE-2025-47369

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

EPSS Score: 0.01% exploit probability (1.5th percentile)

Published: January 7, 2026

Last Updated: January 27, 2026

🔗 References

• https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html Patch,Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-47369, you might also want to check these:

CVE-2025-61481 10.0

MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default...

Same vulnerability type (CWE-200)

CVE-2025-53624 10.0

The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid...

Same vulnerability type (CWE-200)

CVE-2023-49103 10.0

This vulnerability in ownCloud's graphapi app exposes PHP configuration details (phpinfo) via a thir...

Same vulnerability type (CWE-200)