CVE-2025-47357 — Missing Authentication for Critical Function in INC Snapdragon

Severity

7.8HIGHNVD

EPSS

0.0%

top 97.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 4

Description

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶CVEListV5qualcomm_inc/snapdragon24 versions+23

GHSA

GHSA-6c5m-fv99-g9g5: Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions↗2025-11-04

▶