Base Score

MEDIUM6.7

CVE-2025-47319

Information disclosure while exposing internal TA-to-TA communication APIs to HLOS

VectorLOCAL

Published Byproduct-security@qualcomm.com

Published DateDec 18, 2025, 06:15

Weakness Type (CWE):CWE-497

CVSS Metrics

Base Score

6.7

Vector String

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

HIGH

Integrity (I)

LOW

Availability (A)

NONE

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Base Score

MEDIUM6.7

Weakness Type (CWE):CWE-497

CVSS Metrics

Base Score

6.7

Vector String

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

HIGH

Integrity (I)

LOW

Availability (A)

NONE