Cyber Resilience

CVE-2025-47339

High

Published: 07 January 2026

Published
07 January 2026
Modified
27 January 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 3.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47339 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Fastconnect 6900 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-47339 is a memory corruption vulnerability, classified under CWE-416 (Use After Free), that occurs during the deinitialization of a HDCP (High-bandwidth Digital Content Protection) session. It affects components in Qualcomm products, as detailed in the vendor's security bulletin. The vulnerability carries a CVSS v3.1 base score of 7.8, reflecting high severity due to its potential for significant impact.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact consequences, including unauthorized access to confidential data, modification of system integrity, and disruption of availability, potentially leading to arbitrary code execution within the affected component's context.

Qualcomm's January 2026 security bulletin provides details on the vulnerability, including affected products and recommended mitigations or patches; practitioners should consult https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html for specific remediation steps.

EU & UK References

Vulnerability details

Memory corruption while deinitializing a HDCP session.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local use-after-free memory corruption enabling arbitrary code execution from low privileges directly matches exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-45571Same product: Qualcomm Ar8035
CVE-2025-47377Same product: Qualcomm Ar8035
CVE-2024-45553Same product: Qualcomm Ar8035
CVE-2024-43057Same product: Qualcomm Ar8035
CVE-2025-47375Same product: Qualcomm Ar8035
CVE-2025-47386Same product: Qualcomm Ar8035
CVE-2025-47376Same product: Qualcomm Ar8035
CVE-2026-24082Same product: Qualcomm Ar8035
CVE-2025-47379Same product: Qualcomm Ar8035
CVE-2025-21424Same product: Qualcomm Ar8035

Affected Assets

qualcomm
fastconnect 6900 firmware
all versions
qualcomm
fastconnect 7800 firmware
all versions
qualcomm
immersive home 214 platform firmware
all versions
qualcomm
immersive home 216 platform firmware
all versions
qualcomm
immersive home 316 platform firmware
all versions
qualcomm
immersive home 318 platform firmware
all versions
qualcomm
ipq4018 firmware
all versions
qualcomm
ipq4019 firmware
all versions
qualcomm
ipq4028 firmware
all versions
qualcomm
ipq4029 firmware
all versions
+175 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SI-2 mandates timely flaw remediation by applying Qualcomm's patch for this specific Use After Free vulnerability in HDCP deinitialization.

prevent

SI-16 implements memory protection mechanisms that directly counter Use After Free memory corruption like in this CVE.

prevent

SC-39 process isolation confines arbitrary code execution to the affected HDCP component's context, limiting impact.

References