CVE-2025-47405 PUBLISHED

Untrusted Pointer Dereference in Camera

Assigner: qualcomm
Reserved: 06.05.2025 Published: 04.05.2026 Updated: 05.05.2026

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.8

Product Status

Vendor Qualcomm, Inc.
Product Snapdragon
Versions Default: unaffected
  • Version FastConnect 6900 is affected
  • Version FastConnect 7800 is affected
  • Version IQX5121 is affected
  • Version IQX7181 is affected
  • Version QCA0000 is affected
  • Version SC8380XP is affected
  • Version SD865 5G is affected
  • Version Snapdragon XR2 5G Platform is affected
  • Version Snapdragon XR2+ Gen 1 Platform is affected
  • Version WCD9380 is affected
  • Version WCD9385 is affected
  • Version WSA8810 is affected
  • Version WSA8815 is affected
  • Version WSA8840 is affected
  • Version WSA8845 is affected
  • Version WSA8845H is affected

References

Problem Types

  • CWE-822 Untrusted Pointer Dereference CWE