CVE-2025-47323: CWE-190 Integer Overflow or Wraparound in Qualcomm, Inc. Snapdragon
Memory corruption while routing GPR packets between user and root when handling large data packet.
AI Analysis
Technical Summary
CVE-2025-47323 is an integer overflow vulnerability classified under CWE-190 affecting numerous Qualcomm Snapdragon chipsets and platforms, including mobile, compute, wearable, and automotive product lines. The flaw arises during the routing of General Packet Radio (GPR) packets between user and root privilege levels when handling large data packets. Specifically, the integer overflow or wraparound leads to memory corruption, which can be exploited to execute arbitrary code or cause denial of service. The vulnerability requires low privileges (PR:L) but no user interaction (UI:N), and the attack vector is local (AV:L), meaning an attacker must have some level of access to the device. The CVSS v3.1 score of 7.8 reflects high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The affected product list is extensive, covering many Snapdragon generations and variants such as Snapdragon 8 Gen 1/2/3, Snapdragon 7 Gen 1, various FastConnect modules, and modem-RF systems. The vulnerability was published on December 18, 2025, with no known exploits in the wild at this time. The root cause is an unchecked integer operation that causes buffer overflows or memory corruption when processing large GPR packets, potentially allowing privilege escalation or arbitrary code execution within the device's kernel or firmware components. Due to the critical role of Snapdragon chipsets in mobile communications, IoT, automotive, and wearable devices, this vulnerability poses a significant risk to device security and user data integrity.
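The bug class described above, as an added illustration that is not Qualcomm's code and not part of the original advisory: it shows how a 32-bit header-plus-payload length wraps to a small value, and the bounds checks that reject it before any copy. The header layout, the 4096-byte limit and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical header, not the real GPR packet layout. */
struct pkt_hdr { uint32_t payload_len; uint32_t opcode; };
#define PKT_MAX_TOTAL 4096u /* assumed receive-buffer limit */

/* Unchecked form: the 32-bit sum wraps when payload_len is very large. */
uint32_t total_len_unchecked(const struct pkt_hdr *h)
{
    return (uint32_t)sizeof(*h) + h->payload_len;
}

/* Checked form: reject wraparound first, then enforce the size limit. */
int total_len_checked(const struct pkt_hdr *h, uint32_t *out)
{
    if (h->payload_len > UINT32_MAX - (uint32_t)sizeof(*h))
        return -1;                       /* sum would wrap */
    uint32_t total = (uint32_t)sizeof(*h) + h->payload_len;
    if (total > PKT_MAX_TOTAL)
        return -1;                       /* larger than the buffer */
    *out = total;
    return 0;
}

/* Copy a packet only if the validated length fits both source and target. */
int route_packet(uint8_t *dst, size_t dst_cap, const uint8_t *src, size_t src_len)
{
    struct pkt_hdr h;
    uint32_t total;
    if (src_len < sizeof(h))
        return -1;
    memcpy(&h, src, sizeof(h));
    if (total_len_checked(&h, &total) != 0)
        return -1;
    if (total > src_len || total > dst_cap)
        return -1;
    memcpy(dst, src, total);
    return (int)total;
}

int main(void)
{
    struct pkt_hdr big = { 0xFFFFFFFCu, 1u };  /* constructed sample input */
    uint32_t t = 0;
    /* The wrapped sum is smaller than the header; the checked form rejects it. */
    return (total_len_unchecked(&big) == 4u && total_len_checked(&big, &t) == -1) ? 0 : 1;
}
```

Without the wraparound test, the wrapped total would pass the `PKT_MAX_TOTAL` comparison, which is why the order of the two checks matters.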
Potential Impact
European organizations using devices powered by affected Qualcomm Snapdragon chipsets face risks including unauthorized code execution, privilege escalation, data leakage, and denial of service. This can impact mobile devices, automotive systems, industrial IoT, and wearable technology, potentially disrupting business operations, compromising sensitive data, and affecting critical infrastructure. The vulnerability’s local attack vector means that attackers need some form of local access, which could be achieved through physical access, compromised applications, or insider threats. Given the widespread use of Snapdragon platforms in smartphones and embedded systems across Europe, the potential scale of impact is significant. In automotive and industrial contexts, exploitation could lead to safety risks or operational downtime. The high confidentiality, integrity, and availability impact ratings indicate that successful exploitation could severely undermine trust in affected devices and services.
Mitigation Recommendations
1. Monitor Qualcomm and device vendors for official patches and apply them promptly once available.
2. Implement strict access controls to limit local access to devices, including enforcing strong authentication and restricting physical access.
3. Employ endpoint detection and response (EDR) solutions to monitor for suspicious local activity indicative of exploitation attempts.
4. Enforce application whitelisting and sandboxing to reduce the risk of malicious code execution with local privileges.
5. Limit the size and rate of GPR packets where possible through network and device-level controls to mitigate triggering the overflow.
6. Conduct regular security audits and penetration testing focusing on local privilege escalation vectors.
7. For automotive and industrial deployments, ensure secure boot and firmware integrity checks are enforced to prevent persistence of malicious code.
8. Educate users and administrators about the risks of local privilege escalation and the importance of device hygiene.
9. Consider network segmentation to isolate critical devices and reduce the attack surface.
10. Maintain up-to-date inventories of devices using affected Snapdragon platforms to prioritize patching and mitigation efforts.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: qualcomm
- Date Reserved: 2025-05-06T08:33:16.260Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6943963858cc240f07ac2f34
Added to database: 12/18/2025, 5:50:48 AM
Last enriched: 12/25/2025, 7:05:23 AM
Last updated: 2/6/2026, 4:59:38 AM