CVE-2025-47381
Published: 02 March 2026
Summary
CVE-2025-47381 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Lemans Au Lgit Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 4.3 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SC-4 (Information in Shared System Resources).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-16 implements safeguards to protect system memory from unauthorized access and modification, directly preventing Use After Free memory corruption from concurrent shared buffer access during IOCTL processing.
SC-4 enforces controls on information in shared system resources like buffers, mitigating concurrent access that triggers memory corruption in IOCTL handlers.
AC-25 requires a reference monitor to mediate all subject-object accesses, preventing improper concurrent access to shared buffers causing memory corruption.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local memory corruption (UAF in IOCTL) directly enables arbitrary code execution for privilege escalation on affected Qualcomm components.
NVD Description
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.
Deeper analysis
CVE-2025-47381 is a memory corruption vulnerability classified under CWE-416 (Use After Free), triggered while processing IOCTL calls due to concurrent access to a shared buffer. It affects Qualcomm products, as documented in their security bulletin.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it can be exploited by a local attacker with low privileges. Exploitation requires low complexity and no user interaction, allowing the attacker to achieve high impacts on confidentiality, integrity, and availability, such as potential arbitrary code execution through memory corruption.
Mitigation details are available in the Qualcomm March 2026 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html.
Details
- CWE(s)