CVE Alert: CVE-2025-47340 – Qualcomm, Inc. – Snapdragon

Risk verdict

Moderate risk of local device compromise due to memory corruption in the DSP service; no current exploitation indicators in SSVC or KEV.

Why this matters

Memory corruption in IOCTL processing can enable arbitrary code execution with high impact on confidentiality, integrity and availability. Realistically, an attacker with local access could destabilise or take control of the affected component, potentially exposing user data or enabling further system compromise.

Most likely attack path

Exploitation requires local access and low privileges, with no user interaction required. An attacker could trigger the IOCTL path to corrupt memory, potentially gaining higher privileges or kernel-level access, but lateral movement would be constrained by the local-access prerequisite and unchanged scope.

Who is most exposed

Devices using Qualcomm Snapdragon DSP services, including smartphones and wearables, are most at risk; deployments at scale in consumer devices heighten potential impact.

Detection ideas

• Unusual crashes or kernel oops tied to the DSP IOCTL interface.
• Anomalous IOCTL request patterns or frequency to the DSP service.
• Memory corruption-related logs or diagnostics in system logs.
• Increased DSP service crashes on devices with affected components.
• Firmware or driver integrity checks failing after IOCTL operations.

Mitigation and prioritisation

• Apply vendor security bulletin fixes and update firmware to the corrected DSP service image.
• Restrict or sandbox IOCTL access to the DSP interface where feasible.

-Enable strict input validation and memory-safety mitigations in firmware/driver code.

• Coordinate patching with OEMs and device manufacturers; test thoroughly before rollout.
• If KEV is true or EPSS ≥ 0.5, treat as priority 1. If KEV is true or EPSS ≥ 0.5, state: “treat as priority 1.”