Skip to main content

Qualcomm Snapdragon EUVDEUVD-2025-209630

| CVE-2025-47405 HIGH
Untrusted Pointer Dereference (CWE-822)
2026-05-04 qualcomm
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 04, 2026 - 17:47 vuln.today
EUVD ID Assigned
May 04, 2026 - 17:15 euvd
EUVD-2025-209630
Analysis Generated
May 04, 2026 - 17:15 vuln.today
CVE Published
May 04, 2026 - 16:43 nvd
HIGH 7.8

DescriptionCVE.org

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

AnalysisAI

Memory corruption in Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. CVSS score of 7.8 reflects local attack vector requiring low-privilege account access. No EPSS data or KEV listing at time of analysis, suggesting exploitation has not been publicly observed. Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure with patches expected in that timeframe.

Technical ContextAI

This vulnerability affects the camera sensor driver interface in Qualcomm Snapdragon systems-on-chip (SoC), specifically within the ioctl handler that processes camera sensor configuration commands. The root cause is CWE-822 (Untrusted Pointer Dereference), where the driver fails to properly validate output buffer pointers provided by userspace applications before writing camera sensor data. When an application issues camera sensor control codes (ioctl commands) with invalid or malicious output buffer addresses, the kernel driver writes data to arbitrary memory locations, causing memory corruption. This class of vulnerability typically occurs in device drivers that expose direct hardware control to userspace through character device interfaces (/dev/videoX or similar). Snapdragon SoCs are widely deployed across Android mobile devices, automotive systems, and IoT platforms where camera functionality is driver-managed at the kernel level.

RemediationAI

Apply firmware and driver updates from the Qualcomm May 2026 Security Bulletin when released at https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html. For Android devices, monitor OEM security updates that incorporate Qualcomm patches - deployment typically occurs 1-3 months after Qualcomm release depending on manufacturer. Until patches are available, implement defense-in-depth controls: restrict installation of untrusted applications through mobile device management (MDM) policies and app allowlisting to limit attacker's ability to gain initial local access required for exploitation. Disable camera permissions for non-essential applications via Android permission controls, reducing attack surface exposure to camera ioctl interfaces. Consider isolating high-value devices on separate network segments with enhanced monitoring for privilege escalation indicators (unexpected kernel module loads, process UID changes). Note that disabling camera hardware is not practical for most use cases and does not prevent ioctl exploitation by malicious apps. SELinux enforcing mode on Android provides limited containment but should not be relied upon as primary mitigation for kernel memory corruption.

CVE-2026-25293 CRITICAL
9.6 May 04

Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unau

CVE-2026-25268 HIGH
8.8 Jul 06

Local privilege escalation and memory corruption in Qualcomm Snapdragon WLAN firmware occurs when the driver parses malf

CVE-2026-25277 HIGH
8.8 Jun 01

Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer o

CVE-2026-25276 HIGH
8.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox tr

CVE-2025-47392 HIGH
8.8 Apr 06

Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution

CVE-2026-24088 HIGH
8.2 Jun 01

Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a speci

CVE-2026-21379 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects Qualcomm Snapdragon platforms, where allocating memory with siz

CVE-2025-59616 HIGH
7.8 Jul 06

Use-after-free memory corruption in Qualcomm Snapdragon platform driver code allows a local low-privileged process to tr

CVE-2025-59615 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects a broad range of Qualcomm Snapdragon chipsets, where a use-afte

CVE-2026-25259 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multip

CVE-2026-25258 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during

CVE-2025-59606 HIGH
7.8 Jun 01

Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged

Share

EUVD-2025-209630 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy