CVE-2025-47378
7.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | Cologne | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6700 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6800 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 7800 | affected |
| Qualcomm, Inc. | Snapdragon | LeMans_AU_LGIT | affected |
| Qualcomm, Inc. | Snapdragon | LeMansAU | affected |
| Qualcomm, Inc. | Snapdragon | Pandeiro | affected |
| Qualcomm, Inc. | Snapdragon | QAM8255P | affected |
| Qualcomm, Inc. | Snapdragon | QAMSRV1H | affected |
| Qualcomm, Inc. | Snapdragon | QAMSRV1M | affected |
| Qualcomm, Inc. | Snapdragon | QCA6391 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6696 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6698AQ | affected |
| Qualcomm, Inc. | Snapdragon | QCA6797AQ | affected |
| Qualcomm, Inc. | Snapdragon | QLN1083BD | affected |
| Qualcomm, Inc. | Snapdragon | QLN1086BD | affected |
| Qualcomm, Inc. | Snapdragon | QPA1083BD | affected |
| Qualcomm, Inc. | Snapdragon | QPA1086BD | affected |
| Qualcomm, Inc. | Snapdragon | QXM1083 | affected |
| Qualcomm, Inc. | Snapdragon | QXM1086 | affected |
| Qualcomm, Inc. | Snapdragon | QXM1093 | affected |
| Qualcomm, Inc. | Snapdragon | QXM1094 | affected |
| Qualcomm, Inc. | Snapdragon | QXM1095 | affected |
| Qualcomm, Inc. | Snapdragon | QXM1096 | affected |
| Qualcomm, Inc. | Snapdragon | SA7255P | affected |
| Qualcomm, Inc. | Snapdragon | SA7775P | affected |
| Qualcomm, Inc. | Snapdragon | SA8255P | affected |
| Qualcomm, Inc. | Snapdragon | SA8620P | affected |
| Qualcomm, Inc. | Snapdragon | SA8770P | affected |
| Qualcomm, Inc. | Snapdragon | SA9000P | affected |
| Qualcomm, Inc. | Snapdragon | SAR1165P | affected |
| Qualcomm, Inc. | Snapdragon | SAR1250P | affected |
| Qualcomm, Inc. | Snapdragon | SAR2130P | affected |
| Qualcomm, Inc. | Snapdragon | SAR2230P | affected |
| Qualcomm, Inc. | Snapdragon | SD865 5G | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Elite Gen 5 | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865+ 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 870 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon AR1 Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon AR1+ Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X55 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon XR2 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon XR2+ Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | SRV1H | affected |
| Qualcomm, Inc. | Snapdragon | SRV1M | affected |
| Qualcomm, Inc. | Snapdragon | SXR2230P | affected |
| Qualcomm, Inc. | Snapdragon | SXR2250P | affected |
| Qualcomm, Inc. | Snapdragon | WCD9378C | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9385 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9395 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3950 | affected |
| Qualcomm, Inc. | Snapdragon | WCN7860 | affected |
| Qualcomm, Inc. | Snapdragon | WCN7861 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8810 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8815 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8830 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8832 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8835 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8840 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8845 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8845H | affected |
| Qualcomm, Inc. | Snapdragon | X2000077 | affected |
| Qualcomm, Inc. | Snapdragon | X2000086 | affected |
| Qualcomm, Inc. | Snapdragon | X2000090 | affected |
| Qualcomm, Inc. | Snapdragon | X2000092 | affected |
| Qualcomm, Inc. | Snapdragon | X2000094 | affected |
| Qualcomm, Inc. | Snapdragon | XG101002 | affected |
| Qualcomm, Inc. | Snapdragon | XG101032 | affected |
| Qualcomm, Inc. | Snapdragon | XG101039 | affected |
Weaknesses
- CWE-497: CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.