Fastconnect 6200 Firmware CVE-2025-47388
HIGH
Classic Buffer Overflow (CWE-120)
2026-01-07
product-security@qualcomm.com
Memory Corruption
Fastconnect 6200 Firmware
Fastconnect 6700 Firmware
Fastconnect 6900 Firmware
Fastconnect 7800 Firmware
Qcs610 Firmware
Qmp1000 Firmware
Sg6150 Firmware
Sg6150p Firmware
Sm6475 Firmware
Sm7435 Firmware
Sm8735 Firmware
Sm8750 Firmware
Sm8750p Firmware
Snapdragon 4 Gen 2 Mobile Platform Firmware
Snapdragon 6 Gen 1 Mobile Platform Firmware
Sw5100 Firmware
Sw5100p Firmware
Sxr2330p Firmware
Sxr2350p Firmware
Video Collaboration Vc1 Platform Firmware
Video Collaboration Vc3 Platform Firmware
Wcd9370 Firmware
Wcd9375 Firmware
Wcd9378 Firmware
Wcd9380 Firmware
Wcd9385 Firmware
Wcd9395 Firmware
Wcn3950 Firmware
Wcn3980 Firmware
Wcn3988 Firmware
Wcn6755 Firmware
Wcn7750 Firmware
Wcn7860 Firmware
Wcn7861 Firmware
Wcn7880 Firmware
Wcn7881 Firmware
Wsa8810 Firmware
Wsa8815 Firmware
Wsa8830 Firmware
Wsa8832 Firmware
Wsa8835 Firmware
Wsa8840 Firmware
Wsa8845 Firmware
Wsa8845h Firmware
7.8
CVSS 3.1
Share
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Lifecycle Timeline
3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
Patch released
Jan 27, 2026 - 19:22 nvd
Patch available
CVE Published
Jan 07, 2026 - 12:17 nvd
HIGH 7.8
DescriptionNVD
Memory corruption while passing pages to DSP with an unaligned starting address.
AnalysisAI
Memory corruption while passing pages to DSP with an unaligned starting address. [CVSS 7.8 HIGH]
Technical ContextAI
Classified as CWE-120 (Classic Buffer Overflow). Affects Fastconnect 6200 Firmware. Memory corruption while passing pages to DSP with an unaligned starting address.
RemediationAI
A vendor patch is available — apply it immediately. Enable ASLR, DEP/NX, and stack canaries where possible.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).