CVE-2025-47403
published 2026-05-04CVE-2025-47403: Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.22%
12.0th percentile
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
Affected
257 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Qualcomm Snapdragon Auto up to XRV9209 Response Frame buffer over-read
vuldb·2026-05-04·CVSS 6.5
CVE-2025-47403 [MEDIUM] Qualcomm Snapdragon Auto up to XRV9209 Response Frame buffer over-read
A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon CCW, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon MC, Snapdragon Mobile, Snapdragon WBC and Snapdragon Wired Infrastructure and Networking. The impacted element is an unknown function of the component Response Frame Handler. Executing a manipulation can lead to buffer over-read.
This vulnerability is registered as CVE-2025-47403. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is advised.
GHSA
GHSA-w77j-cqm5-vgh4: Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming
ghsa_unreviewed·2026-05-04
CVE-2025-47403 [MEDIUM] CWE-125 GHSA-w77j-cqm5-vgh4: Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-04
Published