CVE-2025-47357 - 漏洞详情

CVE-2025-47357 (CNNVD-202511-242)

HIGH

中文标题:

Qualcomm Chipsets 访问控制错误漏洞

英文标题:

Missing Authentication for Critical Function in SMSS

CVSS分数: 8.0

发布时间: 2025-11-04 03:19:17

漏洞类型: 授权问题

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Qualcomm Chipsets是美国高通（Qualcomm）公司的一系列芯片组。 Qualcomm Chipsets存在访问控制错误漏洞，该漏洞源于用户级驱动程序执行QFPROM读取或写入操作时，可能导致信息泄露。

英文描述:

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

CWE类型:

CWE-306

受影响产品

厂商	产品	版本	版本范围	平台	CPE
Qualcomm, Inc.	Snapdragon	QAM8255P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qam8255p:::::::*`
Qualcomm, Inc.	Snapdragon	QAM8620P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qam8620p:::::::*`
Qualcomm, Inc.	Snapdragon	QAM8650P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qam8650p:::::::*`
Qualcomm, Inc.	Snapdragon	QAM8775P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qam8775p:::::::*`
Qualcomm, Inc.	Snapdragon	QAMSRV1H	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qamsrv1h:::::::*`
Qualcomm, Inc.	Snapdragon	QAMSRV1M	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qamsrv1m:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6595	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6595:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6595AU	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6595au:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6678AQ	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6678aq:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6696	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6696:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6698AQ	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6698aq:::::::*`
Qualcomm, Inc.	Snapdragon	QCA6797AQ	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qca6797aq:::::::*`
Qualcomm, Inc.	Snapdragon	QCS9100	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:qcs9100:::::::*`
Qualcomm, Inc.	Snapdragon	SA7255P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa7255p:::::::*`
Qualcomm, Inc.	Snapdragon	SA7775P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa7775p:::::::*`
Qualcomm, Inc.	Snapdragon	SA8255P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa8255p:::::::*`
Qualcomm, Inc.	Snapdragon	SA8620P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa8620p:::::::*`
Qualcomm, Inc.	Snapdragon	SA8650P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa8650p:::::::*`
Qualcomm, Inc.	Snapdragon	SA8770P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa8770p:::::::*`
Qualcomm, Inc.	Snapdragon	SA8775P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa8775p:::::::*`
Qualcomm, Inc.	Snapdragon	SA9000P	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:sa9000p:::::::*`
Qualcomm, Inc.	Snapdragon	SRV1H	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:srv1h:::::::*`
Qualcomm, Inc.	Snapdragon	SRV1L	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:srv1l:::::::*`
Qualcomm, Inc.	Snapdragon	SRV1M	-	-	`cpe:2.3:a:qualcomm,_inc.:snapdragon:srv1m:::::::*`
qualcomm	qam8255p_firmware	-	-	-	`cpe:2.3:o:qualcomm:qam8255p_firmware:-:::::::*`
qualcomm	qam8620p_firmware	-	-	-	`cpe:2.3:o:qualcomm:qam8620p_firmware:-:::::::*`
qualcomm	qam8650p_firmware	-	-	-	`cpe:2.3:o:qualcomm:qam8650p_firmware:-:::::::*`
qualcomm	qam8775p_firmware	-	-	-	`cpe:2.3:o:qualcomm:qam8775p_firmware:-:::::::*`
qualcomm	qamsrv1h_firmware	-	-	-	`cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:::::::*`
qualcomm	qamsrv1m_firmware	-	-	-	`cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:::::::*`
qualcomm	qca6595_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::*`
qualcomm	qca6595au_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::*`
qualcomm	qca6678aq_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6678aq_firmware:-:::::::*`
qualcomm	qca6696_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::*`
qualcomm	qca6698aq_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::*`
qualcomm	qca6797aq_firmware	-	-	-	`cpe:2.3:o:qualcomm:qca6797aq_firmware:-:::::::*`
qualcomm	qcs9100_firmware	-	-	-	`cpe:2.3:o:qualcomm:qcs9100_firmware:-:::::::*`
qualcomm	sa7255p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa7255p_firmware:-:::::::*`
qualcomm	sa7775p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa7775p_firmware:-:::::::*`
qualcomm	sa8255p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa8255p_firmware:-:::::::*`
qualcomm	sa8620p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa8620p_firmware:-:::::::*`
qualcomm	sa8650p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa8650p_firmware:-:::::::*`
qualcomm	sa8770p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa8770p_firmware:-:::::::*`
qualcomm	sa8775p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa8775p_firmware:-:::::::*`
qualcomm	sa9000p_firmware	-	-	-	`cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::*`
qualcomm	srv1h_firmware	-	-	-	`cpe:2.3:o:qualcomm:srv1h_firmware:-:::::::*`
qualcomm	srv1l_firmware	-	-	-	`cpe:2.3:o:qualcomm:srv1l_firmware:-:::::::*`
qualcomm	srv1m_firmware	-	-	-	`cpe:2.3:o:qualcomm:srv1m_firmware:-:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

无标题 OTHER
cve.org

访问

CVSS评分详情

3.1 (cna)

HIGH

8.0

CVSS向量: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

机密性

HIGH

完整性

LOW

可用性

HIGH

时间信息

发布时间:

2025-11-04 03:19:17

修改时间:

2025-11-04 19:18:49

创建时间:

2025-11-11 15:40:35

更新时间:

2025-11-11 16:00:22

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2025-47357`	2025-11-11 15:23:23	2025-11-11 07:40:35
NVD	`nvd_CVE-2025-47357`	2025-11-11 15:01:08	2025-11-11 07:48:23
CNNVD	`cnnvd_CNNVD-202511-242`	2025-11-11 15:13:01	2025-11-11 08:00:22

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 16:00:22

vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-202511-242; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 授权问题
cnnvd_id: 未提取 -> CNNVD-202511-242
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:48:23

affected_products_count: 24 → 48; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

affected_products_count: 24 -> 48
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2025-47357 (CNNVD-202511-242)

中文标题:

Qualcomm Chipsets 访问控制错误漏洞

英文标题:

Missing Authentication for Critical Function in SMSS

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

3.1 (cna)

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史