Missing Authentication for Critical Function in SMSS_CVE-2025-47357

8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Description

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

Basic Information

ID CVE-2025-47357

Source qualcomm

Published Nov 4, 2025 at 03:19

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version QAM8255P

Affected Versions Qualcomm, Inc. Snapdragon QAM8255P
Qualcomm, Inc. Snapdragon QAM8620P
Qualcomm, Inc. Snapdragon QAM8650P
Qualcomm, Inc. Snapdragon QAM8775P
Qualcomm, Inc. Snapdragon QAMSRV1H
Qualcomm, Inc. Snapdragon QAMSRV1M
Qualcomm, Inc. Snapdragon QCA6595
Qualcomm, Inc. Snapdragon QCA6595AU
Qualcomm, Inc. Snapdragon QCA6678AQ
Qualcomm, Inc. Snapdragon QCA6696
Qualcomm, Inc. Snapdragon QCA6698AQ
Qualcomm, Inc. Snapdragon QCA6797AQ
Qualcomm, Inc. Snapdragon QCS9100
Qualcomm, Inc. Snapdragon SA7255P
Qualcomm, Inc. Snapdragon SA7775P
Qualcomm, Inc. Snapdragon SA8255P
Qualcomm, Inc. Snapdragon SA8620P
Qualcomm, Inc. Snapdragon SA8650P
Qualcomm, Inc. Snapdragon SA8770P
Qualcomm, Inc. Snapdragon SA8775P
Qualcomm, Inc. Snapdragon SA9000P
Qualcomm, Inc. Snapdragon SRV1H
Qualcomm, Inc. Snapdragon SRV1L
Qualcomm, Inc. Snapdragon SRV1M

CWE Classification

CWE-306

References

docs.qualcomm.com /product/publicresources/securitybulletin/november-2025-bulletin.html

{
    "lastseen": "",
    "description": "Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.",
    "published": "2025-11-04T03:19:17.319Z",
    "modified": "2025-11-04T03:19:17.319Z",
    "type": "cve",
    "title": "Missing Authentication for Critical Function in SMSS",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2025-bulletin.html",
    "id": "CVE-2025-47357",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon QAM8255P\nQualcomm, Inc. Snapdragon QAM8620P\nQualcomm, Inc. Snapdragon QAM8650P\nQualcomm, Inc. Snapdragon QAM8775P\nQualcomm, Inc. Snapdragon QAMSRV1H\nQualcomm, Inc. Snapdragon QAMSRV1M\nQualcomm, Inc. Snapdragon QCA6595\nQualcomm, Inc. Snapdragon QCA6595AU\nQualcomm, Inc. Snapdragon QCA6678AQ\nQualcomm, Inc. Snapdragon QCA6696\nQualcomm, Inc. Snapdragon QCA6698AQ\nQualcomm, Inc. Snapdragon QCA6797AQ\nQualcomm, Inc. Snapdragon QCS9100\nQualcomm, Inc. Snapdragon SA7255P\nQualcomm, Inc. Snapdragon SA7775P\nQualcomm, Inc. Snapdragon SA8255P\nQualcomm, Inc. Snapdragon SA8620P\nQualcomm, Inc. Snapdragon SA8650P\nQualcomm, Inc. Snapdragon SA8770P\nQualcomm, Inc. Snapdragon SA8775P\nQualcomm, Inc. Snapdragon SA9000P\nQualcomm, Inc. Snapdragon SRV1H\nQualcomm, Inc. Snapdragon SRV1L\nQualcomm, Inc. Snapdragon SRV1M",
    "sourceHref": "",
    "cvss": {
        "score": 8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "QAM8255P",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}