CVE-2025-47351 is an integer overflow vulnerability classified under CWE-190 affecting multiple Qualcomm Snapdragon components, including FastConnect wireless subsystems (6200, 6700, 6900, 7800) and various SoCs (SG6150, SM8750, SM8850) and wireless chips (WCD9370 series, WCN3950 series, WSA88xx series). The vulnerability stems from improper processing of user-supplied buffers, which can cause an integer overflow or wraparound during memory operations. This leads to memory corruption, potentially enabling an attacker with local privileges to execute arbitrary code, escalate privileges, or cause denial of service. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates that exploitation requires local access with low complexity and privileges but no user interaction, and can result in high confidentiality, integrity, and availability impacts. The vulnerability was reserved in May 2025 and published in October 2025, with no known exploits in the wild to date. The affected components are widely integrated into mobile devices, IoT, and embedded systems, making the vulnerability relevant for a broad range of users and organizations. Qualcomm has not yet published patches or mitigation details, emphasizing the need for vigilance and proactive defense measures.

For European organizations, this vulnerability poses significant risks, particularly those relying on mobile devices, embedded systems, or telecommunications infrastructure using affected Qualcomm Snapdragon components. Exploitation could lead to unauthorized access to sensitive data, disruption of critical services, and potential lateral movement within networks if attackers gain elevated privileges. Industries such as telecommunications, finance, healthcare, and government are especially vulnerable due to their reliance on secure mobile communications and embedded devices. The high confidentiality, integrity, and availability impacts could result in data breaches, service outages, and reputational damage. Additionally, the widespread use of Snapdragon chipsets in consumer and enterprise devices across Europe increases the attack surface. Although exploitation requires local access, insider threats or compromised devices could facilitate attacks. The absence of known exploits currently provides a window for mitigation before active exploitation emerges.

1. Monitor Qualcomm and device vendors for official patches and apply them promptly once available. 2. Restrict local access to devices with affected Snapdragon components, enforcing strict physical and logical access controls. 3. Employ endpoint detection and response (EDR) solutions to identify anomalous behavior indicative of exploitation attempts. 4. Harden device configurations by disabling unnecessary services and interfaces that could provide local access. 5. Conduct regular security audits and vulnerability assessments focusing on mobile and embedded device security. 6. Educate users and administrators about the risks of local privilege escalation and the importance of device security hygiene. 7. Where possible, isolate critical systems using network segmentation to limit potential lateral movement from compromised devices. 8. Implement strict patch management policies and maintain an inventory of devices using affected Qualcomm components to prioritize remediation efforts.