CVE-2025-47389
Published: 06 April 2026
Summary
CVE-2025-47389 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): requires timely remediation by patching the specific integer overflow in the buffer copy during attestation report generation, as detailed in Qualcomm's security bulletin.
- SI-16 (Memory Protection): provides memory protections such as address space randomization and non-executable memory to block exploitation of the memory corruption vulnerability.
- Information input validation: mandates validation of information inputs, including buffer sizes, to mitigate integer overflows that lead to unchecked buffer copies.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local memory corruption (integer overflow/buffer overflow) in Qualcomm components directly enables privilege escalation via arbitrary code execution or memory manipulation from low-privileged local context.
NVD Description
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Deeper analysis
CVE-2025-47389 is a memory corruption vulnerability caused by an integer overflow during a buffer copy operation when generating attestation reports. It is associated with CWE-120 (Buffer Copy without Checking Size of Input) and affects components in Qualcomm products, as referenced in their security bulletin.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it requires local access with low privileges and low attack complexity, with no user interaction needed. A successful exploit by such an attacker can result in high impacts to confidentiality, integrity, and availability.
Qualcomm's April 2026 security bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html) provides information on mitigation, including details on affected products and available patches.
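The defect class described above (an integer overflow in a length computation ahead of a buffer copy), as an added example that is not Qualcomm's code and is not taken from the bulletin: a C sketch of overflow-checked length arithmetic before the copy. The report layout, `REPORT_HDR_LEN`, `build_report` and the field names are hypothetical; the page does not describe the affected code path.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout (assumption): fixed header, then two caller-sized fields. */
#define REPORT_HDR_LEN 16u

/* Unchecked 32-bit length sum, shown only to expose the wrap (mod 2^32). */
uint32_t unchecked_total(uint32_t nonce_len, uint32_t claims_len) {
    return REPORT_HDR_LEN + nonce_len + claims_len;
}

/* Checked addition: 0 on success, -1 if a + b would wrap. */
static int add_u32(uint32_t a, uint32_t b, uint32_t *out) {
    if (a > UINT32_MAX - b) return -1;
    *out = a + b;
    return 0;
}

/* Returns bytes written, or -1 if the lengths wrap or exceed out_cap. */
long build_report(uint8_t *out, uint32_t out_cap,
                  const uint8_t *nonce, uint32_t nonce_len,
                  const uint8_t *claims, uint32_t claims_len) {
    uint32_t total;
    if (add_u32(REPORT_HDR_LEN, nonce_len, &total) != 0) return -1;
    if (add_u32(total, claims_len, &total) != 0) return -1;
    if (total > out_cap) return -1;   /* bound checked on the true sum */
    memset(out, 0, REPORT_HDR_LEN);   /* header left zeroed in this sketch */
    memcpy(out + REPORT_HDR_LEN, nonce, nonce_len);
    memcpy(out + REPORT_HDR_LEN + nonce_len, claims, claims_len);
    return (long)total;
}

int main(void) {
    uint8_t out[64], nonce[8] = {0xAA}, claims[4] = {0xBB};  /* constructed inputs */
    /* Lengths chosen so the unchecked sum wraps to a small value. */
    printf("unchecked sum: %u\n", (unsigned)unchecked_total(0xFFFFFFF0u, 0x20u));
    printf("checked, wrapping lengths: %ld\n",
           build_report(out, sizeof out, nonce, 0xFFFFFFF0u, claims, 0x20u));
    printf("checked, valid lengths: %ld\n",
           build_report(out, sizeof out, nonce, sizeof nonce, claims, sizeof claims));
    return 0;
}
```

The wrapped sum (32) would pass a naive `total <= out_cap` test against the 64-byte buffer, which is why the additions are checked before the bound comparison and before any copy runs.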