CVE-2025-47383 — HIGH (7.2)

Vulnerability Description

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

CVSS Score

7.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	5G Fixed Wireless Access Platform Firmware	-
Qualcomm	5G Fixed Wireless Access Platform	-
Qualcomm	9206 Lte Modem Firmware	-
Qualcomm	9206 Lte Modem	-
Qualcomm	9207 Lte Modem Firmware	-
Qualcomm	9207 Lte Modem	-
Qualcomm	Apq8098 Firmware	-
Qualcomm	Apq8098	-
Qualcomm	Aqt1000 Firmware	-
Qualcomm	Aqt1000	-
Qualcomm	Qca8337 Firmware	-
Qualcomm	Qca8337	-
Qualcomm	Qca9367 Firmware	-
Qualcomm	Qca9367	-
Qualcomm	Qca9377 Firmware	-
Qualcomm	Qca9377	-
Qualcomm	Qcc710 Firmware	-
Qualcomm	Qcc710	-
Qualcomm	Qcm2290 Firmware	-
Qualcomm	Qcm2290	-

Related Weaknesses (CWE)

CWE-325

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-buVendor Advisory

FAQ

What is CVE-2025-47383?

CVE-2025-47383 is a vulnerability with a CVSS score of 7.2 (HIGH). Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

How severe is CVE-2025-47383?

CVE-2025-47383 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-47383?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm 5G Fixed Wireless Access Platform Firmware, Qualcomm 5G Fixed Wireless Access Platform, Qualcomm 9206 Lte Modem Firmware, Qualcomm 9206 Lte Modem, Qualcomm 9207 Lte Modem Firmware.