Cyber Resilience

CVE-2025-47375

High

Published: 02 March 2026

Published
02 March 2026
Modified
04 March 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 4.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47375 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Qcm4325 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-51 (Hardware-based Protection) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-47375 is a memory corruption vulnerability classified under CWE-416 (Use After Free), triggered by simultaneous handling of different IOCTL calls from user-space. It carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability affects Qualcomm products, as documented in their March 2026 security bulletin.

A local attacker with low privileges can exploit this issue with low complexity and no user interaction required. Successful exploitation enables high-impact outcomes, including unauthorized data access, modification of system integrity, and denial of service through full confidentiality, integrity, and availability compromise, potentially leading to arbitrary code execution or privilege escalation within the affected component.

The Qualcomm March 2026 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html details affected products, patch availability, and recommended mitigations for this vulnerability.

EU & UK References

Vulnerability details

Memory corruption while handling different IOCTL calls from the user-space simultaneously.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local use-after-free memory corruption in Qualcomm IOCTL handling directly enables local exploitation for privilege escalation and arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-47386Same product: Qualcomm Ar8031
CVE-2025-47376Same product: Qualcomm Ar8031
CVE-2025-47379Same product: Qualcomm Ar8031
CVE-2025-47377Same product: Qualcomm Ar8035
CVE-2026-24082Same product: Qualcomm Ar8031
CVE-2025-47398Same product: Qualcomm Ar8031
CVE-2025-21424Same product: Qualcomm Ar8031
CVE-2024-45553Same product: Qualcomm Ar8035
CVE-2024-53023Same product: Qualcomm Ar8035
CVE-2025-47339Same product: Qualcomm Ar8035

Affected Assets

qualcomm
qcm4325 firmware
all versions
qualcomm
qcm5430 firmware
all versions
qualcomm
qcm6125 firmware
all versions
qualcomm
qcm6490 firmware
all versions
qualcomm
qcn6224 firmware
all versions
qualcomm
qcn6274 firmware
all versions
qualcomm
qcn9011 firmware
all versions
qualcomm
qcn9012 firmware
all versions
qualcomm
qcs2290 firmware
all versions
qualcomm
qcs4290 firmware
all versions
+159 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the Use After Free memory corruption in Qualcomm IOCTL handling by identifying, prioritizing, and applying vendor-specific patches from the March 2026 security bulletin.

prevent

Implements memory protection mechanisms like ASLR, DEP, and stack canaries to comprehensively prevent exploitation of the concurrent IOCTL-triggered Use After Free vulnerability.

prevent

Employs hardware-based protections such as memory isolation and trusted execution environments to block unauthorized code execution from the kernel memory corruption during simultaneous IOCTL processing.

References