Cyber Resilience

CVE-2025-47389

High

Published: 06 April 2026

Published
06 April 2026
Modified
08 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 0.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47389 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-47389 is a memory corruption vulnerability caused by an integer overflow during a buffer copy operation when generating attestation reports. It is associated with CWE-120 (Buffer Copy without Checking Size of Input) and affects components in Qualcomm products, as referenced in their security bulletin.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it requires local access with low privileges and low attack complexity, with no user interaction needed. A successful exploit by such an attacker can result in high impacts to confidentiality, integrity, and availability.

Qualcomm's April 2026 security bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html) provides information on mitigation, including details on affected products and available patches.

EU & UK References

Vulnerability details

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local memory corruption (integer overflow/buffer overflow) in Qualcomm components directly enables privilege escalation via arbitrary code execution or memory manipulation from low-privileged local context.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-47373Same product: Qualcomm Ar8035
CVE-2025-47394Same product: Qualcomm Fastconnect 6200
CVE-2025-47388Same product: Qualcomm Fastconnect 6200
CVE-2024-45541Same product: Qualcomm Fastconnect 6200
CVE-2025-59600Same product: Qualcomm Ar8035
CVE-2026-21382Same product: Qualcomm Cologne
CVE-2024-21464Same product: Qualcomm Fastconnect 6700
CVE-2025-47399Same product: Qualcomm Cologne
CVE-2026-21385Same product: Qualcomm Ar8035
CVE-2026-24085Same product: Qualcomm Ar8035

Affected Assets

qualcomm
ar8035 firmware
all versions
qualcomm
cologne firmware
all versions
qualcomm
csra6620 firmware
all versions
qualcomm
csra6640 firmware
all versions
qualcomm
fastconnect 6200 firmware
all versions
qualcomm
snapdragon x35 5g modem-rf system firmware
all versions
qualcomm
snapdragon x53 5g modem-rf system firmware
all versions
qualcomm
snapdragon x55 5g modem-rf system firmware
all versions
qualcomm
snapdragon x72 5g modem-rf system firmware
all versions
qualcomm
snapdragon x75 5g modem-rf system firmware
all versions
+171 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation through patching of the specific integer overflow in buffer copy during attestation report generation, as detailed in Qualcomm's security bulletin.

prevent

Provides memory protections like address space randomization and non-executable memory to block exploitation of the memory corruption vulnerability.

prevent

Mandates validation of information inputs including buffer sizes to mitigate integer overflows leading to unchecked buffer copies.

References