CVE-2025-47380
Published: 07 January 2026
Summary
CVE-2025-47380 is a high-severity Untrusted Pointer Dereference (CWE-822) vulnerability in Qualcomm Wsa8845H Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Implements memory protection mechanisms such as address space layout randomization, stack canaries, and non-executable memory to directly prevent exploitation of untrusted pointer dereference leading to memory corruption in sensors IOCTL preprocessing.
Requires validation and sanitization of IOCTL inputs to block malicious untrusted pointers from causing memory corruption during sensors component preprocessing.
Restricts low-privilege access to sensor I/O devices and ports, limiting the ability to send crafted IOCTLs that trigger the memory corruption vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local memory corruption via untrusted IOCTL pointer dereference directly enables kernel-level code execution and privilege escalation from low-privileged context.
NVD Description
Memory corruption while preprocessing IOCTLs in sensors.
Deeper analysisAI
CVE-2025-47380 is a memory corruption vulnerability, classified under CWE-822 (Untrusted Pointer Dereference), that occurs while preprocessing IOCTLs in the sensors component. It affects Qualcomm products and was published on 2026-01-07 with a CVSS v3.1 base score of 7.8 (High), reflecting a local attack vector (AV:L), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), and unchanged scope (S:U) with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
A local attacker possessing low privileges can exploit this vulnerability by crafting and sending malicious IOCTLs to the affected sensors preprocessing functionality. Successful exploitation enables memory corruption, potentially allowing the attacker to achieve high-level impacts such as unauthorized data access, modification of system integrity, or denial of service through crashes or code execution.
Qualcomm's January 2026 security bulletin addresses this vulnerability, providing details on affected versions and recommended patches or mitigations, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html.
Details
- CWE(s)