CVE-2025-47405 – Qualcomm Camera Untrusted Pointer Dereference Vulnerability Allowing Memory Corruption

Vulnerability

A vulnerability exists in Qualcomm chipsets that allows for memory corruption by processing camera sensor control codes with invalid output buffers. This issue is present in several chipsets, including those used in mobile platforms and automotive applications.

Impact

Exploitation of this vulnerability leads to memory corruption, which can potentially be exploited to execute arbitrary code or cause a denial-of-service condition.

Remediation

Qualcomm has notified device manufacturers about this vulnerability and is actively sharing patches. Instructions for applying the patch can be found in the Qualcomm May 2026 Security Bulletin.

Added: May 4, 2026, 5:41 PM

Updated: May 4, 2026, 5:41 PM

Affected Products

Qualcomm FastConnect 6900

0 remedies

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm FastConnect 7800

0 remedies

cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm IQX5121

0 remedies

>= 6.0, < 6.1

Qualcomm IQX7181

0 remedies

>= 6.0, < 6.1

Qualcomm QCA0000

0 remedies

cpe:2.3:h:qualcomm:qca0000:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm SC8380XP

0 remedies

cpe:2.3:h:qualcomm:sc8380xp:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm SD865 5G

0 remedies

cpe:2.3:h:qualcomm:sd865_5g:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm Snapdragon XR2 5G Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_xr2_5g:*:*:*:*:*:*:*, +3 more

0 remedies

>= 6.0, < 6.1

Qualcomm Snapdragon XR2+ Gen 1 Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_xr2+_gen_1_platform:*:*:*:*:*:*:*, +3 more

0 remedies

>= 6.0, < 6.1

Qualcomm WCD9380

0 remedies

cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WCD9385

0 remedies

cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WSA8810

0 remedies

cpe:2.3:h:qualcomm:wsa8810:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WSA8815

0 remedies

cpe:2.3:h:qualcomm:wsa8815:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WSA8840

0 remedies

cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WSA8845

0 remedies

cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

Qualcomm WSA8845H

0 remedies

cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*, +1 more

0 remedies

>= 6.0, < 6.1

CVSS Scores

volerion

4.8

CVSS 4.0

4.8

Medium

volerion

3.3

CVSS 3.1

3.3

Low

Vendor

7.8

CVSS 3.1

7.8

High

Click a row to open the calculator.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html

AdvisoryBundleRemedyVendor

Showing 1-1 of 1 references

Qualcomm Camera Untrusted Pointer Dereference Vulnerability Allowing Memory Corruption

Vulnerability

Impact

Remediation

Affected Products

Qualcomm FastConnect 6900

Qualcomm FastConnect 7800

Qualcomm IQX5121

Qualcomm IQX7181

Qualcomm QCA0000

Qualcomm SC8380XP

Qualcomm SD865 5G

Qualcomm Snapdragon XR2 5G Platform

Qualcomm Snapdragon XR2+ Gen 1 Platform

Qualcomm WCD9380

Qualcomm WCD9385

Qualcomm WSA8810

Qualcomm WSA8815

Qualcomm WSA8840

Qualcomm WSA8845

Qualcomm WSA8845H

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating