CVE Alert: CVE-2025-47338 – Qualcomm, Inc. – Snapdragon

CVE-2025-47338

HIGH · No exploitation known

Memory corruption while processing escape commands from userspace.

CVSS v3.1 (7.8): AV LOCAL · AC LOW · PR LOW · UI NONE · S UNCHANGED
Vendor: Qualcomm, Inc.
Product: Snapdragon
Versions: FastConnect 6900 | FastConnect 7800 | QCC2072 | SC8380XP | WCD9378C | WCD9380 | WCD9385 | WSA8840 | WSA8845 | WSA8845H | X2000077 | X2000086 | X2000090 | X2000092 | X2000094 | XG101002 | XG101032 | XG101039
CWE: CWE-822 Untrusted Pointer Dereference
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: 2025-10-09T03:18:07.257Z
Updated: 2025-10-09T18:31:40.866Z

AI Summary Analysis

Risk verdict

High potential impact if exploited, but no evidence of active exploitation currently.

Why this matters

Memory corruption in the DSP service can crash the device or enable code execution with low privileges, risking persistence on the host and potential leakage of sensitive data processed by the DSP. In consumer and embedded deployments, this can translate to user impact, service disruption, or broader attacker footholds if paired with other flaws.

Most likely attack path

An attacker must be local to the device (AV: Local; UI: None; PR: Low) and could trigger the vulnerability by sending crafted escape commands from userspace to the DSP service. With scope unchanged, successful exploitation could cause high integrity and availability impact on the device; lateral movement is plausible only within local components, not remote ecosystems.

Who is most exposed

Devices integrating Snapdragon DSP services are at risk, including smartphones, wearables, and IoT platforms using affected silicon revisions or firmware. Organisations with fleet devices or consumer devices that accept untrusted input in DSP-related workflows are most exposed.

Detection ideas

  • Unexplained DSP service crashes or watchdog resets
  • Memory corruption fault logs or crash dumps tied to userspace DSP processing
  • Abnormal surge in escape-command processing events
  • Anomalous kernel/user-space boundary faults originating from DSP interfaces
  • Unusual device reboots linked to DSP activity

Mitigation and prioritisation

  • Apply vendor firmware/software updates addressing the DSP memory corruption fix.
  • Enforce strict input validation on any escape-command interface to DSP services.
  • Enable and verify memory-safety mitigations and per-process isolation around the DSP path.
  • Monitor for DSP crashes, fault addresses, and anomalous escape-command traffic; establish alerting.
  • If the CVE is listed in the KEV catalogue or its EPSS score is ≥ 0.5, treat as priority 1.
