CVE-2025-47317

high-risk

Published 2025-09-24

Memory corruption due to global buffer overflow when a test command uses an invalid payload type.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Fastconnect 6200 Firmware

Fastconnect 6700 Firmware

Fastconnect 7800 Firmware

Qcc5161 Firmware

Qcc710 Firmware

Qcc711 Firmware

Qcc7225 Firmware

Qcc7226 Firmware

Qcc7228 Firmware

Qmp1000 Firmware

S3 Gen 2 Sound Platform Firmware

S3 Sound Platform Firmware

S5 Gen 2 Sound Platform Firmware

S5 Sound Platform Firmware

Sm6475 Firmware

Sm6650 Firmware

Sm6650P Firmware

Sm7435 Firmware

Sm7550 Firmware

Sm7550P Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/september-202...

/ 100

high-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 26/34 · High