Qcm4490 Firmware
CVE-2025-47373
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory Corruption when accessing buffers with invalid length during TA invocation.
AnalysisAI
Memory Corruption when accessing buffers with invalid length during TA invocation. [CVSS 7.8 HIGH]
Technical ContextAI
Classified as CWE-787 (Out-of-bounds Write). Affects Fastconnect 7800 Firmware. Memory Corruption when accessing buffers with invalid length during TA invocation.
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.
More in Qcm4490 Firmware
View allQualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm
A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co
A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call. Rated critical severity (CVSS 9.8), t
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Rated critical s
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today