CVE-2025-47335 is a classic buffer overflow vulnerability (CWE-120) found in Qualcomm Snapdragon chipsets, specifically in the parsing logic for clock configuration data related to certain hardware types. The vulnerability occurs due to a lack of proper size checking before copying input data into a buffer, leading to memory corruption. This can cause arbitrary code execution or system crashes, compromising confidentiality, integrity, and availability. The affected products include a broad range of Qualcomm FastConnect modules (e.g., 6700, 6900, 7800) and Snapdragon SoCs (e.g., SM6650, SM7635, Snapdragon 8 Gen 3 Mobile Platform), as well as various wireless connectivity components (WCD, WCN, WSA series). The CVSS 3.1 score is 6.7, reflecting a medium severity with attack vector local, low attack complexity, high privileges required, no user interaction, and impacts on all three security properties. Exploitation requires local privileged access, which limits remote exploitation but still poses a significant risk if an attacker gains elevated access. No public exploits or patches are currently available, increasing the urgency for monitoring and mitigation. The vulnerability was reserved in May 2025 and published in January 2026, indicating a recent discovery. Given the widespread use of Qualcomm chipsets in mobile phones, IoT devices, and embedded systems, this vulnerability has a broad potential impact.

For European organizations, the vulnerability poses a significant risk primarily to mobile devices, embedded systems, and IoT hardware that incorporate affected Qualcomm Snapdragon chipsets. Successful exploitation could allow attackers with local privileged access to execute arbitrary code, escalate privileges, or cause denial of service by crashing devices. This could lead to data breaches, disruption of critical services, or compromise of sensitive communications. Industries relying heavily on mobile and IoT technology, such as telecommunications, manufacturing, healthcare, and critical infrastructure, are particularly at risk. The impact is heightened in environments where devices are shared or physically accessible by untrusted personnel. Although remote exploitation is not feasible without prior local compromise, the vulnerability could be chained with other flaws to facilitate lateral movement within networks. The lack of patches increases exposure time, and the broad range of affected chipsets means many devices in use across Europe could be vulnerable. This could affect corporate mobile fleets, consumer devices used in business contexts, and embedded systems in industrial applications.

1. Monitor Qualcomm and device vendors for official patches and apply them promptly once released. 2. Restrict local privileged access to devices using affected chipsets, enforcing strict access controls and device management policies. 3. Employ endpoint detection and response (EDR) solutions to monitor for anomalous behavior indicative of exploitation attempts, such as unexpected crashes or memory corruption events. 4. Implement network segmentation to limit lateral movement if a device is compromised. 5. For IoT and embedded devices, ensure firmware integrity verification and secure update mechanisms are in place. 6. Conduct regular security audits and vulnerability assessments focusing on devices with Qualcomm Snapdragon components. 7. Educate users and administrators about the risks of granting elevated privileges and the importance of physical security for devices. 8. Consider deploying application whitelisting and runtime protections that can mitigate exploitation of memory corruption vulnerabilities. 9. Maintain an inventory of devices with affected chipsets to prioritize mitigation efforts. 10. Collaborate with suppliers and service providers to understand exposure and remediation timelines.