CVE-2025-47386
Published: 02 March 2026
Summary
CVE-2025-47386 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Ar8031 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-4 (Information in Shared System Resources) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Memory protection controls directly mitigate use-after-free vulnerabilities by preventing unauthorized memory access and corruption during concurrent IOCTL operations.
Prevents unauthorized and unintended information transfer via shared system resources, directly addressing concurrent access to the shared buffer that triggers the vulnerability.
Process isolation limits interference between processes or kernel components, reducing the risk of race conditions leading to memory corruption in IOCTL handling.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local use-after-free memory corruption via IOCTL enables kernel/driver exploitation for privilege escalation to full system compromise.
NVD Description
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Deeper analysisAI
CVE-2025-47386 is a memory corruption vulnerability classified under CWE-416 (Use After Free), triggered by concurrent access to a shared buffer during IOCTL call invocation. It affects components in Qualcomm products, as documented in the vendor's security bulletin.
The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating exploitation requires local access with low privileges, low attack complexity, and no user interaction. A successful attacker can achieve high impacts on confidentiality, integrity, and availability, potentially resulting in full system compromise through memory corruption.
Mitigation details are provided in the Qualcomm March 2026 security bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html. Security practitioners should consult this advisory for patch information and recommended actions.
Details
- CWE(s)