CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description (NVD)
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
Analysis (AI)
Memory corruption in the Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. The CVSS score of 7.8 reflects a local attack vector requiring low-privilege account access. There is no EPSS data or KEV listing at the time of analysis, suggesting exploitation has not been publicly observed. The Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure, with patches expected in that timeframe.
Technical Context (AI)
This vulnerability affects the camera sensor driver interface in Qualcomm Snapdragon systems-on-chip (SoC), specifically within the ioctl handler that processes camera sensor configuration commands. The root cause is CWE-822 (Untrusted Pointer Dereference), where the driver fails to properly validate output buffer pointers provided by userspace applications before writing camera sensor data. When an application issues camera sensor control codes (ioctl commands) with invalid or malicious output buffer addresses, the kernel driver writes data to arbitrary memory locations, causing memory corruption. This class of vulnerability typically occurs in device drivers that expose direct hardware control to userspace through character device interfaces (/dev/videoX or similar). Snapdragon SoCs are widely deployed across Android mobile devices, automotive systems, and IoT platforms where camera functionality is driver-managed at the kernel level.
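Added example (not Qualcomm driver code and not part of the original advisory): a userspace C model of the check whose absence defines CWE-822, in which a handler writes sensor data only after confirming that the caller's output buffer lies entirely inside the caller's own memory. The struct, the function names and the user_mem array are hypothetical; copy_out() plays the role that copy_to_user() plays in a Linux kernel driver.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: this array stands in for the calling process's memory. */
#define USER_SIZE 256
static uint8_t user_mem[USER_SIZE];

/* Hypothetical ioctl argument: the output buffer the caller asks the driver to fill. */
struct sensor_out_arg {
    uintptr_t out_addr; /* caller-supplied output buffer address */
    size_t out_len;     /* caller-supplied output buffer length */
};

/* Overflow-safe range check: [addr, addr + len) must lie inside user_mem. */
static int user_range_ok(uintptr_t addr, size_t len)
{
    uintptr_t base = (uintptr_t)user_mem;
    if (addr < base) return 0;
    uintptr_t off = addr - base;
    return off <= USER_SIZE && len <= USER_SIZE - off;
}

/* Stand-in for copy_to_user(): refuses any destination outside user_mem. */
static int copy_out(uintptr_t dst, const void *src, size_t len)
{
    if (!user_range_ok(dst, len)) return -EFAULT;
    memcpy((void *)dst, src, len);
    return 0;
}

/* Hardened handler: rejects short buffers, then writes only through copy_out(). */
int sensor_ioctl_read_cfg(const struct sensor_out_arg *arg)
{
    static const uint8_t sensor_cfg[16] = { 0xA5, 0x5A, 0x01, 0x02 }; /* constructed data */
    if (arg == NULL || arg->out_len < sizeof(sensor_cfg))
        return -EINVAL;
    return copy_out(arg->out_addr, sensor_cfg, sizeof(sensor_cfg));
}

int main(void)
{
    struct sensor_out_arg good = { (uintptr_t)user_mem, sizeof(user_mem) };
    struct sensor_out_arg bad = { (uintptr_t)&good, 16 }; /* not inside user_mem */
    printf("good=%d bad=%d\n", sensor_ioctl_read_cfg(&good), sensor_ioctl_read_cfg(&bad));
    return 0;
}
```

A handler that skipped user_range_ok() and called memcpy() on out_addr directly would write wherever the caller pointed, which is the failure the paragraph above describes.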
Remediation (AI)
Apply firmware and driver updates from the Qualcomm May 2026 Security Bulletin when released at https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html. For Android devices, monitor OEM security updates that incorporate Qualcomm patches; deployment typically occurs 1-3 months after Qualcomm release, depending on the manufacturer. Until patches are available, implement defense-in-depth controls: restrict installation of untrusted applications through mobile device management (MDM) policies and app allowlisting to limit an attacker's ability to gain the initial local access required for exploitation. Disable camera permissions for non-essential applications via Android permission controls, reducing attack surface exposure to camera ioctl interfaces. Consider isolating high-value devices on separate network segments with enhanced monitoring for privilege escalation indicators (unexpected kernel module loads, process UID changes). Note that disabling camera hardware is not practical for most use cases and does not prevent ioctl exploitation by malicious apps. SELinux enforcing mode on Android provides limited containment but should not be relied upon as the primary mitigation for kernel memory corruption.
EUVD-2025-209630