Cyber Resilience

CVE-2025-47393

High

Published: 07 January 2026

Published
07 January 2026
Modified
27 January 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 3.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47393 is a high-severity Improper Validation of Array Index (CWE-129) vulnerability in Qualcomm Qam8255P Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-47393 is a memory corruption vulnerability stemming from improper validation of array index (CWE-129) that occurs when accessing resources in a kernel driver. It affects components in Qualcomm products, as documented in the vendor's January 2026 security bulletin. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high confidentiality, integrity, and availability impacts, potentially allowing the attacker to gain elevated control over the affected system through kernel-level memory corruption.

Qualcomm's security advisory at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html provides details on mitigation, including available patches for affected products. Security practitioners should consult this bulletin for specific remediation steps.

EU & UK References

Vulnerability details

Memory corruption when accessing resources in kernel driver.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Kernel memory corruption in driver (CWE-129) directly enables local privilege escalation from low-priv user to kernel-level control.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-49837Same product: Qualcomm Qam8255P
CVE-2024-49833Same product: Qualcomm Qam8255P
CVE-2024-49834Same product: Qualcomm Qam8255P
CVE-2024-53022Same product: Qualcomm Qam8255P
CVE-2024-53032Same product: Qualcomm Qam8255P
CVE-2024-53031Same product: Qualcomm Qam8255P
CVE-2024-53012Same product: Qualcomm Qam8255P
CVE-2024-53014Same product: Qualcomm Qam8255P
CVE-2025-47363Same product: Qualcomm Qam8255P
CVE-2026-25276Same product: Qualcomm Qca6797Aq

Affected Assets

qualcomm
qam8255p firmware
all versions
qualcomm
qam8650p firmware
all versions
qualcomm
qam8775p firmware
all versions
qualcomm
qamsrv1h firmware
all versions
qualcomm
qamsrv1m firmware
all versions
qualcomm
qca6595 firmware
all versions
qualcomm
qca6698aq firmware
all versions
qualcomm
qca6797aq firmware
all versions
qualcomm
sa7255p firmware
all versions
qualcomm
sa7775p firmware
all versions
+8 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the vulnerability by requiring timely identification, reporting, and patching of the specific kernel driver memory corruption flaw.

prevent

Addresses the root cause of improper array index validation (CWE-129) by enforcing validation of inputs to kernel drivers.

prevent

Provides comprehensive memory safeguards such as ASLR and DEP to protect against exploitation of kernel memory corruption.

References