CVE-2025-47405

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:iqx5121_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:iqx5121:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:iqx7181_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:iqx7181:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_xr2\+_gen_1:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*

History

06 May 2026, 18:03

Type	Values Removed	Values Added
First Time		Qualcomm wsa8845 Firmware Qualcomm wsa8815 Firmware Qualcomm iqx5121 Firmware Qualcomm iqx5121 Qualcomm wsa8810 Qualcomm snapdragon Xr2\+ Gen 1 Firmware Qualcomm fastconnect 7800 Qualcomm sd865 5g Qualcomm wsa8840 Qualcomm iqx7181 Qualcomm snapdragon Xr2\+ Gen 1 Qualcomm snapdragon Xr2 5g Qualcomm sc8380xp Qualcomm wsa8810 Firmware Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 6900 Qualcomm wcd9385 Qualcomm wsa8845 Qualcomm iqx7181 Firmware Qualcomm sc8380xp Firmware Qualcomm wsa8840 Firmware Qualcomm qca0000 Firmware Qualcomm snapdragon Xr2 5g Firmware Qualcomm wcd9380 Firmware Qualcomm wsa8815 Qualcomm sd865 5g Firmware Qualcomm wsa8845h Qualcomm wcd9380 Qualcomm fastconnect 7800 Firmware Qualcomm wsa8845h Firmware Qualcomm Qualcomm wcd9385 Firmware Qualcomm qca0000
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html - Vendor Advisory
CWE		CWE-119
CPE		cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:h:qualcomm:iqx7181:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:::::::* cpe:2.3:o:qualcomm:iqx5121_firmware:-:::::::* cpe:2.3:o:qualcomm:sd865_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:sd865_5g:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:o:qualcomm:iqx7181_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8845h:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:wsa8840_firmware:-:::::::* cpe:2.3:h:qualcomm:qca0000:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:snapdragon_xr2\+_gen_1:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:h:qualcomm:sc8380xp:-:::::::* cpe:2.3:o:qualcomm:wsa8845h_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:::::::* cpe:2.3:h:qualcomm:wsa8845:-:::::::* cpe:2.3:o:qualcomm:qca0000_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8840:-:::::::* cpe:2.3:o:qualcomm:sc8380xp_firmware:-:::::::* cpe:2.3:h:qualcomm:iqx5121:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::*

04 May 2026, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-04 17:16

Updated : 2026-05-06 18:03

NVD link : CVE-2025-47405

Mitre link : CVE-2025-47405

CVE.ORG link : CVE-2025-47405

JSON object : View

Products Affected

qualcomm

qca0000
sc8380xp
iqx7181
snapdragon_xr2\+_gen_1
wsa8810
wsa8810_firmware
wsa8840
iqx5121
snapdragon_xr2_5g_firmware
wsa8845h
iqx5121_firmware
sd865_5g
fastconnect_7800
wcd9385_firmware
wcd9385
wsa8845h_firmware
wcd9380_firmware
wsa8845_firmware
wsa8815
sd865_5g_firmware
iqx7181_firmware
fastconnect_7800_firmware
fastconnect_6900_firmware
wsa8840_firmware
fastconnect_6900
snapdragon_xr2_5g
snapdragon_xr2\+_gen_1_firmware
qca0000_firmware
sc8380xp_firmware
wsa8815_firmware
wcd9380
wsa8845

CWE

CWE-822

Untrusted Pointer Dereference

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.8 /10