Qualcomm TEE memory corruption via TA length bypass
CVE-2025-47373 Published on March 2, 2026
Out-of-bounds Write in Automotive
Memory Corruption when accessing buffers with invalid length during TA invocation.
Vulnerability Analysis
CVE-2025-47373 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
Weakness Type
What is a Memory Corruption Vulnerability?
The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
CVE-2025-47373 has been classified to as a Memory Corruption vulnerability or weakness.
Products Associated with CVE-2025-47373
Want to know whenever a new CVE is published for Qualcomm Snapdragon? stack.watch will email you.
Affected Versions
Qualcomm, Inc. Snapdragon:- Version AR8035 is affected.
- Version Cologne is affected.
- Version FastConnect 6200 is affected.
- Version FastConnect 6700 is affected.
- Version FastConnect 6900 is affected.
- Version FastConnect 7800 is affected.
- Version FWA Gen 3 Ultra Platform is affected.
- Version G1 Gen 1 is affected.
- Version G2 Gen 1 is affected.
- Version IQ6 Series Platform is affected.
- Version IQ8 Series Platform is affected.
- Version IQ9 Series Platform is affected.
- Version LeMans_AU_LGIT is affected.
- Version LeMansAU is affected.
- Version Milos is affected.
- Version Monaco_IOT is affected.
- Version Netrani is affected.
- Version Orne is affected.
- Version Palawan25 is affected.
- Version Pandeiro is affected.
- Version QAM8255P is affected.
- Version QAM8295P is affected.
- Version QAM8620P is affected.
- Version QAMSRV1H is affected.
- Version QAMSRV1M is affected.
- Version QCA0000 is affected.
- Version QCA6174A is affected.
- Version QCA6391 is affected.
- Version QCA6574 is affected.
- Version QCA6574A is affected.
- Version QCA6574AU is affected.
- Version QCA6584AU is affected.
- Version QCA6595 is affected.
- Version QCA6595AU is affected.
- Version QCA6678AQ is affected.
- Version QCA6688AQ is affected.
- Version QCA6696 is affected.
- Version QCA6698AQ is affected.
- Version QCA6698AU is affected.
- Version QCA6797AQ is affected.
- Version QCA8081 is affected.
- Version QCA8337 is affected.
- Version QCA8695AU is affected.
- Version QCC710 is affected.
- Version QCM4325 is affected.
- Version QCM4490 is affected.
- Version QCM5430 is affected.
- Version QCM6490 is affected.
- Version QCN6224 is affected.
- Version QCN6274 is affected.
- Version QCN9011 is affected.
- Version QCN9012 is affected.
- Version QCS4290 is affected.
- Version QCS4490 is affected.
- Version QCS8550 is affected.
- Version QDX1010 is affected.
- Version QDX1011 is affected.
- Version QEP8111 is affected.
- Version QFW7114 is affected.
- Version QFW7124 is affected.
- Version QLN1083BD is affected.
- Version QLN1086BD is affected.
- Version QMP1000 is affected.
- Version QPA1083BD is affected.
- Version QPA1086BD is affected.
- Version QRU1032 is affected.
- Version Qualcomm Dragonwing QRU100 Platform is affected.
- Version Qualcomm Dragonwing X100 Accelerator Card is affected.
- Version Qualcomm Video Collaboration VC3 Platform is affected.
- Version QXM1083 is affected.
- Version QXM1086 is affected.
- Version QXM1093 is affected.
- Version QXM1094 is affected.
- Version QXM1095 is affected.
- Version QXM1096 is affected.
- Version SA6145P is affected.
- Version SA6150P is affected.
- Version SA6155P is affected.
- Version SA7255P is affected.
- Version SA7775P is affected.
- Version SA8145P is affected.
- Version SA8150P is affected.
- Version SA8155P is affected.
- Version SA8195P is affected.
- Version SA8255P is affected.
- Version SA8295P is affected.
- Version SA8540P is affected.
- Version SA8620P is affected.
- Version SA8770P is affected.
- Version SA9000P is affected.
- Version SAR1165P is affected.
- Version SAR1250P is affected.
- Version SAR2130P is affected.
- Version SAR2230P is affected.
- Version SC8380XP is affected.
- Version SD 8 Gen1 5G is affected.
- Version SD662 is affected.
- Version SM6225P is affected.
- Version SM6650P is affected.
- Version SM7435 is affected.
- Version SM7550 is affected.
- Version SM7550P is affected.
- Version SM7635P is affected.
- Version SM7675 is affected.
- Version SM7675P is affected.
- Version SM8475P is affected.
- Version SM8550P is affected.
- Version SM8635 is affected.
- Version SM8635P is affected.
- Version SM8650Q is affected.
- Version SM8750P is affected.
- Version Snapdragon 4 Gen 1 Mobile Platform is affected.
- Version Snapdragon 4 Gen 2 Mobile Platform is affected.
- Version Snapdragon 460 Mobile Platform is affected.
- Version Snapdragon 480 5G Mobile Platform is affected.
- Version Snapdragon 480+ 5G Mobile Platform is affected.
- Version Snapdragon 6 Gen 1 Mobile Platform is affected.
- Version Snapdragon 6 Gen 3 Mobile Platform is affected.
- Version Snapdragon 6 Gen 4 Mobile Platform is affected.
- Version Snapdragon 662 Mobile Platform is affected.
- Version Snapdragon 680 4G Mobile Platform is affected.
- Version Snapdragon 685 4G Mobile Platform is affected.
- Version Snapdragon 695 5G Mobile Platform is affected.
- Version Snapdragon 7 Gen 1 Mobile Platform is affected.
- Version Snapdragon 7+ Gen 2 Mobile Platform is affected.
- Version Snapdragon 7s Gen 3 Mobile Platform is affected.
- Version Snapdragon 8 Elite is affected.
- Version Snapdragon 8 Elite Gen 5 is affected.
- Version Snapdragon 8 Gen 1 Mobile Platform is affected.
- Version Snapdragon 8 Gen 2 Mobile Platform is affected.
- Version Snapdragon 8 Gen 3 Mobile Platform is affected.
- Version Snapdragon 8+ Gen 1 Mobile Platform is affected.
- Version Snapdragon 8+ Gen 2 Mobile Platform is affected.
- Version Snapdragon AR1 Gen 1 Platform is affected.
- Version Snapdragon AR1+ Gen 1 Platform is affected.
- Version Snapdragon Auto 5G Modem-RF Gen 2 is affected.
- Version Snapdragon X32 5G Modem-RF System is affected.
- Version Snapdragon X35 5G Modem-RF System is affected.
- Version Snapdragon X72 5G Modem-RF System is affected.
- Version Snapdragon X75 5G Modem-RF System is affected.
- Version SRV1H is affected.
- Version SRV1L is affected.
- Version SRV1M is affected.
- Version SW6100 is affected.
- Version SW6100P is affected.
- Version SXR2230P is affected.
- Version SXR2250P is affected.
- Version SXR2330P is affected.
- Version SXR2350P is affected.
- Version Themisto is affected.
- Version WCD9340 is affected.
- Version WCD9370 is affected.
- Version WCD9371 is affected.
- Version WCD9375 is affected.
- Version WCD9378 is affected.
- Version WCD9378C is affected.
- Version WCD9380 is affected.
- Version WCD9385 is affected.
- Version WCD9390 is affected.
- Version WCD9395 is affected.
- Version WCN3910 is affected.
- Version WCN3950 is affected.
- Version WCN3988 is affected.
- Version WCN6450 is affected.
- Version WCN6650 is affected.
- Version WCN6755 is affected.
- Version WCN7860 is affected.
- Version WCN7861 is affected.
- Version WCN7880 is affected.
- Version WCN7881 is affected.
- Version WSA8810 is affected.
- Version WSA8815 is affected.
- Version WSA8830 is affected.
- Version WSA8832 is affected.
- Version WSA8835 is affected.
- Version WSA8840 is affected.
- Version WSA8845 is affected.
- Version WSA8845H is affected.
- Version X2000077 is affected.
- Version X2000086 is affected.
- Version X2000090 is affected.
- Version X2000092 is affected.
- Version X2000094 is affected.
- Version XG101002 is affected.
- Version XG101032 is affected.
- Version XG101039 is affected.
Exploit Probability
EPSS
0.01%
Percentile
1.83%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.