Cyber Posture

CVE-2025-47345

High

Published: 07 January 2026

Modified: 27 January 2026
CVSS Score: 8.4 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)
EPSS Score: 0.0002 (4.2th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-47345 is a high-severity vulnerability in Qualcomm WCD9385 firmware, classified as CWE-323 (Reusing a Nonce, Key Pair in Encryption). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 4.2th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-28 (Protection of Information at Rest).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

Directly requires identification, reporting, and correction of the specific cryptographic flaw in license data encryption, preventing exploitation of CVE-2025-47345.

prevent

Mandates implementation of appropriate cryptographic mechanisms to protect license data confidentiality and integrity against the vulnerability during encryption.

prevent

Requires cryptographic protection of information at rest, including license data, to comprehensively mitigate confidentiality and integrity impacts from the encryption flaw.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (Tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

A local cryptographic flaw (nonce/key reuse) in license encryption yields scope-changing, high confidentiality and integrity impact from low privileges, enabling exploitation for privilege escalation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Cryptographic issue may occur while encrypting license data.

Deeper analysis

CVE-2025-47345 is a cryptographic vulnerability that may occur while encrypting license data in Qualcomm products. Published on 2026-01-07, it carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N) and maps to CWE-323.

A local attacker with low privileges can exploit this issue with low attack complexity and no user interaction. Exploitation has a high impact on confidentiality and integrity, and the scope is changed (S:C).

Qualcomm's January 2026 security bulletin details the vulnerability and associated mitigations at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html.

Details

CWE(s)

Affected Products

qualcomm · wcd9385 firmware · all versions
qualcomm · wcd9390 firmware · all versions
qualcomm · wcd9395 firmware · all versions
qualcomm · wcn3950 firmware · all versions
qualcomm · wcn3988 firmware · all versions
qualcomm · wcn6650 firmware · all versions
qualcomm · wcn6755 firmware · all versions
qualcomm · wcn7750 firmware · all versions
qualcomm · wcn7860 firmware · all versions
qualcomm · wcn7861 firmware · all versions
+95 more product configuration(s) — see NVD for full list

CVEs Like This One

CVE-2025-47346 · Same product: Qualcomm Ar8035
CVE-2025-47339 · Same product: Qualcomm Ar8035
CVE-2025-47348 · Same product: Qualcomm Ar8035
CVE-2025-47377 · Same product: Qualcomm Ar8035
CVE-2024-49833 · Same product: Qualcomm Fastconnect 6700
CVE-2025-47389 · Same product: Qualcomm Ar8035
CVE-2025-47373 · Same product: Qualcomm Ar8035
CVE-2024-53023 · Same product: Qualcomm Ar8035
CVE-2024-53024 · Same product: Qualcomm Ar8035
CVE-2025-47391 · Same product: Qualcomm Fastconnect 6200
