🛡️ CVE-2025-47378
🟠 CVSS 7.1 — High ✅ No Known Exploit CWE-497 NVD
7.1
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

Details

Severity HIGH
CVSS Score 7.1
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE CWE-497
Public Exploit ✅ No
Source NVD
Published 2026-03-02
Updated 2026-06-02
Modified 2026-03-05
Fix URL N/A

Affected Packages

Software From version Fixed in
cologne-firmware
fastconnect-6700-firmware
fastconnect-6800-firmware
fastconnect-6900-firmware
fastconnect-7800-firmware
lemans-au-lgit-firmware
lemansau-firmware
pandeiro-firmware
qam8255p-firmware
qamsrv1h-firmware
qamsrv1m-firmware
qca6391-firmware
qca6595-firmware
qca6595au-firmware
qca6696-firmware
qca6698aq-firmware
qca6797aq-firmware
qln1083bd-firmware
qln1086bd-firmware
qpa1083bd-firmware
qpa1086bd-firmware
qxm1083-firmware
qxm1086-firmware
qxm1093-firmware
qxm1094-firmware
qxm1095-firmware
qxm1096-firmware
sa7255p-firmware
sa7775p-firmware
sa8255p-firmware
sa8620p-firmware
sa8770p-firmware
sa9000p-firmware
sar1165p-firmware
sar1250p-firmware
sar2130p-firmware
sar2230p-firmware
sd865-5g-firmware
snapdragon-8-elite-gen-5-firmware
snapdragon-865-5g-mobile-platform-firmware
snapdragon-865\+-5g-mobile-platform-firmware
snapdragon-870-5g-mobile-platform-firmware
snapdragon-ar1-gen-1-platform-firmware
snapdragon-ar1\+-gen-1-platform-firmware
snapdragon-x55-5g-modem-rf-system-firmware
snapdragon-xr2-5g-platform-firmware
snapdragon-xr2\+-gen-1-platform-firmware
srv1h-firmware
srv1m-firmware
sxr2230p-firmware
sxr2250p-firmware
wcd9378c-firmware
wcd9380-firmware
wcd9385-firmware
wcd9395-firmware
wcn3950-firmware
wcn7860-firmware
wcn7861-firmware
wsa8810-firmware
wsa8815-firmware
wsa8830-firmware
wsa8832-firmware
wsa8835-firmware
wsa8840-firmware
wsa8845-firmware
wsa8845h-firmware
x2000077-firmware
x2000086-firmware
x2000090-firmware
x2000092-firmware
x2000094-firmware
xg101002-firmware
xg101032-firmware
xg101039-firmware

Similar Threats

Exploit Protection

Help block exploit attempts

BotEraser is designed to detect and help reduce malicious bot traffic that may target known vulnerabilities on your site.

Try BotEraser Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.