CVE Alert: CVE-2025-47318 – Qualcomm, Inc. – Snapdragon
CVE-2025-47318
HIGHNo exploitation known
Transient DOS while parsing the EPTM test control message to get the test pattern.
CVSS v3.1 (7.5)
AV NETWORK · AC LOW · PR NONE · UI NONE · S UNCHANGED
Vendor
Qualcomm, Inc.
Product
Snapdragon
Versions
APQ8017 | APQ8064AU | AQT1000 | AR8031 | AR8035 | CSRA6620 | CSRA6640 | CSRB31024 | FastConnect 6200 | FastConnect 6700 | FastConnect 6800 | FastConnect 6900 | FastConnect 7800 | Flight RB5 5G Platform | Home Hub 100 Platform | Immersive Home 214 Platform | Immersive Home 216 Platform | Immersive Home 316 Platform | Immersive Home 318 Platform | IPQ5010 | IPQ5028 | MDM9628 | MDM9640 | MSM8996AU | QAM8255P | QAM8295P | QAM8650P | QAM8775P | QAMSRV1H | QAMSRV1M | QCA1062 | QCA1064 | QCA2066 | QCA4024 | QCA6174A | QCA6175A | QCA6391 | QCA6420 | QCA6430 | QCA6554A | QCA6564A | QCA6564AU | QCA6574 | QCA6574A | QCA6574AU | QCA6584 | QCA6584AU | QCA6595 | QCA6595AU | QCA6678AQ | QCA6688AQ | QCA6696 | QCA6698AQ | QCA6797AQ | QCA8081 | QCA8337 | QCC2073 | QCC2076 | QCC5161 | QCC710 | QCC711 | QCC7225 | QCC7226 | QCC7228 | QCM6125 | QCN6023 | QCN6024 | QCN6100 | QCN6102 | QCN6112 | QCN6122 | QCN6132 | QCN6224 | QCN6274 | QCN7605 | QCN7606 | QCN9000 | QCN9001 | QCN9002 | QCN9003 | QCN9011 | QCN9012 | QCN9022 | QCN9024 | QCN9070 | QCN9072 | QCN9074 | QCN9100 | QCN9274 | QCS6125 | QCS7230 | QCS8250 | QFW7114 | QFW7124 | QRB5165M | QRB5165N | Qualcommr Video Collaboration VC1 Platform | Qualcommr Video Collaboration VC5 Platform | Robotics RB5 Platform | S3 Gen 2 Sound Platform | S3 Sound Platform | S5 Gen 2 Sound Platform | S5 Sound Platform | SA4150P | SA4155P | SA6145P | SA6150P | SA6155 | SA6155P | SA7255P | SA7775P | SA8145P | SA8150P | SA8155 | SA8155P | SA8195P | SA8255P | SA8295P | SA8620P | SA8650P | SA8770P | SA8775P | SA9000P | SD 8 Gen1 5G | SD865 5G | SDX55 | SDX61 | SG8275 | SG8275P | SM7325P | SM8550P | SM8750 | SM8750P | Smart Audio 400 Platform | Snapdragon 778G 5G Mobile Platform | Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) | Snapdragon 782G Mobile Platform (SM7325-AF) | Snapdragon 7c+ Gen 3 Compute | Snapdragon 8 Gen 1 Mobile Platform | Snapdragon 8 Gen 2 Mobile Platform | Snapdragon 8+ Gen 2 Mobile Platform | Snapdragon 820 Automotive Platform | Snapdragon 865 5G Mobile Platform | Snapdragon 865+ 5G Mobile Platform (SM8250-AB) | Snapdragon 870 5G Mobile Platform (SM8250-AC) | Snapdragon 888 5G Mobile Platform | Snapdragon 888+ 5G Mobile Platform (SM8350-AC) | Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" | Snapdragon 8cx Compute Platform (SC8180X-AA, AB) | Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" | Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) | Snapdragon AR1 Gen 1 Platform | Snapdragon AR1 Gen 1 Platform "Luna1" | Snapdragon AR2 Gen 1 Platform | Snapdragon Auto 5G Modem-RF | Snapdragon Auto 5G Modem-RF Gen 2 | Snapdragon W5+ Gen 1 Wearable Platform | Snapdragon X5 LTE Modem | Snapdragon X55 5G Modem-RF System | Snapdragon X65 5G Modem-RF System | Snapdragon X72 5G Modem-RF System | Snapdragon X75 5G Modem-RF System | Snapdragon XR2 5G Platform | Snapdragon XR2+ Gen 1 Platform | Snapdragon Auto 4G Modem | SRV1H | SRV1M | SSG2115P | SSG2125P | SW5100 | SW5100P | SXR1230P | SXR2230P | SXR2250P | WCD9326 | WCD9335 | WCD9340 | WCD9341 | WCD9360 | WCD9370 | WCD9375 | WCD9380 | WCD9385 | WCD9390 | WCD9395 | WCN3950 | WCN3980 | WCN6740 | WCN7860 | WCN7861 | WCN7880 | WCN7881 | WSA8810 | WSA8815 | WSA8830 | WSA8832 | WSA8835 | WSA8840 | WSA8845 | WSA8845H
CWE
CWE-126, CWE-126 Buffer Over-read
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published
2025-09-24T15:33:51.163Z
Updated
2025-09-24T17:28:16.793Z
References
AI Summary Analysis
Risk verdict
Remote network-triggered transient DoS on Qualcomm Snapdragon devices; no active exploitation indicated at present.
Why this matters
The vulnerability can render affected devices temporarily unavailable by mishandling EPTM test control messages, potentially disrupting automotive, IoT, and mobile deployments that rely on BT controllers and related subsystems. With high availability at stake, repeated attempts could degrade service across connected ecosystems.
Most likely attack path
- Attack vector: NETWORK, requiring no authentication or user interaction.
- Precondition: reachable device over network with access to the BT/EPTM test control handling path.
- Exploitation: a crafted or malformed message could trigger a buffer over-read, causing a DoS; impact is limited to availability, with no confidentiality or integrity loss.
Who is most exposed
Devices exposing Bluetooth controller interfaces and test/control message handling within Snapdragon-based platforms (e.g., automotive infotainment, smart devices, wearables) are most at risk, especially where remote management or diagnostics channels are accessible.
Detection ideas
- Unexplained service outages or watchdog resets tied to Bluetooth subsystem activity.
- Crash dumps or kernel panics originating from BT controller code paths.
- Unusual network traffic targeting BT/control channels during diagnostics or testing.
- Logs showing parsing errors or buffer over-read indicators in EPTM handling.
Mitigation and prioritisation
- Apply vendor firmware/secure bulletin updates when released; treat as priority for patching when available.
- Implement network access controls to restrict remote management/test channels to trusted hosts.
- Disable or harden EPTM/test control message handling where feasible until patches arrive.
- Enable rigorous monitoring of BT subsystem stability and crash-related events.
- Coordinate firmware change management; validate fixes in staging before production rollout. If active exploitation indicators emerge or EPSS rises, elevate to priority 1.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
