CVE-2025-47356
Published: 07 January 2026
Summary
CVE-2025-47356 is a high-severity Double Free (CWE-415) vulnerability in Qualcomm Cologne Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-4 (Information in Shared System Resources) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-2 requires timely remediation of flaws such as this double free memory corruption vulnerability through application of vendor patches from Qualcomm's security bulletin.
SI-16 enforces memory protections like address space layout randomization and data execution prevention that directly mitigate exploitation of memory corruption from double free errors.
SC-4 prevents unauthorized access and modification of shared system resources by concurrent threads, directly addressing the race condition leading to this double free vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local memory corruption (double-free) with low privileges directly enables exploitation for privilege escalation to achieve arbitrary code execution and full system compromise.
NVD Description
Memory Corruption when multiple threads concurrently access and modify shared resources.
Deeper analysisAI
CVE-2025-47356 is a memory corruption vulnerability stemming from multiple threads concurrently accessing and modifying shared resources, mapped to CWE-415 (Double Free). It affects components in Qualcomm products, as documented in the vendor's January 2026 security bulletin. The vulnerability received a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity with local attack vector, low attack complexity, and low privileges required.
A local attacker with low privileges can exploit this issue without user interaction. Exploitation allows achievement of high impacts across confidentiality, integrity, and availability, potentially leading to full system compromise through arbitrary code execution or denial of service.
Qualcomm's security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html provides details on affected products, patches, and recommended mitigations. Security practitioners should consult this advisory for version-specific remediation steps.
Details
- CWE(s)