Cyber Posture

CVE-2025-47377

High

Published: 02 March 2026

Published
02 March 2026
Modified
04 March 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 4.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47377 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the use-after-free vulnerability in IOCTL processing by requiring timely application of Qualcomm patches from the March 2026 security bulletin.

SI-16 Memory Protection good match
prevent

Implements memory protection safeguards that prevent exploitation of the use-after-free condition for arbitrary code execution during IOCTL handling.

SI-10 Information Input Validation partial match
prevent

Validates IOCTL inputs to block crafted calls that trigger the buffer-after-free memory corruption.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Local use-after-free in IOCTL processing enables arbitrary code execution from low-privileged context, directly mapping to exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.

Deeper analysisAI

CVE-2025-47377 is a memory corruption vulnerability stemming from access to a buffer after it has been freed (CWE-416) while processing IOCTL calls. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-02. The vulnerability affects components in Qualcomm products, as referenced in their security advisories.

A local attacker with low privileges can exploit this issue with low complexity and no user interaction required. By sending crafted IOCTL calls, the attacker triggers the use-after-free condition, enabling memory corruption that results in high impacts to confidentiality, integrity, and availability, such as potential arbitrary code execution within the affected process scope.

Qualcomm's March 2026 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html details patches and mitigation guidance for affected products.

Details

CWE(s)
CWE-416

Affected Products

qualcomm
ar8035 firmware
all versions
qualcomm
fastconnect 6200 firmware
all versions
qualcomm
fastconnect 6900 firmware
all versions
qualcomm
fastconnect 7800 firmware
all versions
qualcomm
flight rb5 5g platform firmware
all versions
qualcomm
fwa gen 3 ultra firmware
all versions
qualcomm
g1 gen 1 firmware
all versions
qualcomm
lemans au lgit firmware
all versions
qualcomm
lemansau firmware
all versions
qualcomm
milos firmware
all versions
+112 more product configuration(s) — see NVD for full list

CVEs Like This One

CVE-2025-47376Same product: Qualcomm Ar8035
CVE-2025-47386Same product: Qualcomm Ar8035
CVE-2025-47375Same product: Qualcomm Ar8035
CVE-2025-47379Same product: Qualcomm Ar8035
CVE-2026-24082Same product: Qualcomm Ar8035
CVE-2025-47398Same product: Qualcomm Fastconnect 6200
CVE-2024-53023Same product: Qualcomm Ar8035
CVE-2025-47339Same product: Qualcomm Ar8035
CVE-2025-21424Same product: Qualcomm Ar8035
CVE-2025-47381Same product: Qualcomm Lemans Au Lgit

References