Msm8996au Firmware
CVE-2025-47362
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
2DescriptionCVE.org
Information disclosure while processing message from client with invalid payload.
AnalysisAI
Information disclosure while processing message from client with invalid payload. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-126. Information disclosure while processing message from client with invalid payload. Affected products include: Qualcomm Msm8996Au Firmware, Qualcomm Qam8255P Firmware, Qualcomm Qam8295P Firmware, Qualcomm Qam8620P Firmware, Qualcomm Qam8650P Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Msm8996au Firmware
View allInformation disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption while processing input message passed from FE driver. Rated high severity (CVSS 7.8), this vulnerabili
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high se
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSp
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely
Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this
Memory corruption while accessing MSM channel map and mixer functions. Rated medium severity (CVSS 6.6), this vulnerabil
Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severit
Same weakness CWE-126 – Buffer Over-read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today