보안 권고문

Qualcomm 제품 보안 업데이트 권고

등록일: 2025년 11월 10일

개요

Qualcomm 제품에서 발생하는 취약점을 해결하는 보안 업데이트를 발표하였습니다. 해당하는 제품 사용자는 최신 버전으로 업데이트 하시기 바랍니다.

대상 제품

CVE-2025-27070

AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6174A, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM4325, QCM5430, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9011, QCN9012, QCN9024, QCN9274, QCS5430, QCS615, QCS6490, QCS8300, QCS8550, QCS9100, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QEP8111, QFW7114, QFW7124, QMP1000, QRU1032, QRU1052, QRU1062, QSM8350, Qualcomm® Video Collaboration VC3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8530P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SC8380XP, SD 8 Gen1 5G, SD865 5G, SDX61, SG4150P, SG8275P, SM4635, SM6650, SM6650P, SM7250P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 695 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform “Luna1”, Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X32 5G Modem-RF System, Snapdragon X35 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X62 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, SRV1H, SRV1L, SRV1M, SSG2115P, SSG2125P, SXR1230P, SXR2130, SXR2230P, SXR2250P, SXR2330P, WCD9340, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3988, WCN6450, WCN6650, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H

CVE-2025-27074

APQ8064AU, CSR8811, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ5010, IPQ5028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9574, MDM9640, MDM9650, MSM8996AU, PMP8074, QCA4024, QCA6174A, QCA6234, QCA6310, QCA6320, QCA6428, QCA6438, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6694, QCA8072, QCA8075, QCA8081, QCA9888, QCA9889, QCA9984, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN9000, QCN9001, QCN9002, QCN9003, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, SD820, SD821, SDM429W, SDX55, Snapdragon 429 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 820 Mobile Platform, Snapdragon 821 Mobile Platform, Snapdragon Wear 4100+ Platform, WCD9335, WCN3610, WCN3620, WCN3660B, WCN3680B, WCN3980, WSA8810, WSA8815

CVE-2025-47352

FastConnect 7800, QCC2072, WCD9378C, WSA8840, WSA8845, WSA8845H, X2000077, X2000086, X2000090, X2000092, X2000094, XG101002, XG101032, XG101039

CVE-2025-47353

QAM8255P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6595, QCA6698AQ, QCA6797AQ, SA7255P, SA7775P, SA8255P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1M

CVE-2025-47357

QAM8255P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCS9100, SA7255P, SA7775P, SA8255P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M

CVE-2025-47360

QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8695AU, SA6145P, SA6150P, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M

CVE-2025-47361

QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8695AU, SA7255P, SA7775P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M

CVE-2025-47362

MSM8996AU, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8695AU, SA6145P, SA6150P, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, Snapdragon 820 Automotive Platform, SRV1H, SRV1L, SRV1M

CVE-2025-47365

CVE-2025-47367

FastConnect 6700, FastConnect 6900, FastConnect 7800, QCC2072, QCM5430, QCM6490, QCS5430, QCS6490, Qualcomm® Video Collaboration VC3 Platform, SC8380XP, Snapdragon 7c+ Gen 3 Compute, Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), WCD9370, WCD9375, WCD9378C, WCD9380, WCD9385, WSA8830, WSA8835, WSA8840, WSA8845, WSA8845H, X2000077, X2000086, X2000090, X2000092, X2000094, XG101002, XG101032, XG101039

CVE-2025-47368

FastConnect 6900, FastConnect 7800, SC8380XP, WCD9380, WCD9385, WSA8840, WSA8845, WSA8845H

CVE-2025-47370

AR8035, CSRB31024, FastConnect 6700, FastConnect 6900, FastConnect 7800, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6391, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6777AQ, QCA6787AQ, QCA6797AQ, QCA8081, QCA8337, QCA8695AU, QCC2073, QCC2076, QCC5161, QCC710, QCC7225, QCC7226, QCC7228, QCM4490, QCM5430, QCM6490, QCN6224, QCN6274, QCN7605, QCN7606, QCN9011, QCN9012, QCS4490, QCS5430, QCS615, QCS6490, QCS8550, QCS9100, QFW7114, QFW7124, QMP1000, Qualcomm® Video Collaboration VC3 Platform, S3 Gen 2 Sound Platform, S3 Sound Platform, S5 Gen 2 Sound Platform, S5 Sound Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SC8380XP, SDX55, SM7325P, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform “Luna1”, Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon Auto 4G Modem, SRV1H, SRV1M, SSG2115P, SSG2125P, SXR1230P, SXR2230P, SXR2250P, SXR2330P, SXR2350P, WCD9340, WCD9360, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN6755, WCN7750, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H

CVE-2025-27064

FastConnect 6900, FastConnect 7800, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5300, IPQ5302, IPQ5312, IPQ5332, IPQ5424, IPQ9008, IPQ9048, IPQ9554, IPQ9570, IPQ9574, MDM9628, QAM8255P, QAM8650P, QCA0000, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6698AQ, QCA8075, QCA8080, QCA8081, QCA8082, QCA8084, QCA8085, QCA8101, QCA8102, QCA8111, QCA8112, QCA8384, QCA8385, QCA8386, QCA9367, QCA9377, QCF8000, QCF8001, QCN5124, QCN5224, QCN6402, QCN6412, QCN6422, QCN6432, QCN9000, QCN9012, QCN9024, QCN9074, QCN9160, QCN9274, QXM8083, SA4150P, SA4155P, SA6155P, SA7255P, SA8155P, SA8195P, SA8255P, SA8530P, SA8540P, SA8650P, SA9000P, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon Auto 5G Modem-RF Gen 2, SXR2250P, WCD9380, WCN3660B, WCN3680B, WCN3980, WSA8830, WSA8835

해결된 취약점

Qualcomm 제품의 Windows Compute에서 발생하는 경계를 벗어난 쓰기 취약점 (CVE-2025-27070)
Qualcomm 제품의 SCE-Mink 구성요소에서 발생하는 버퍼 크기 계산 오류 취약점 (CVE-2025-27074)
Qualcomm 제품의 Audio에서 발생하는 부적절한 배열 인덱스 검증 취약점 (CVE-2025-47352)
Qualcomm 제품의 QNX 기반 자동차 소프트웨어 플랫폼에서 발생하는 위험한 메서드 및 함수 노출 취약점(CVE-2025-47353)
Qualcomm 제품의 SMSS에서 발생하는 중요 함수 인증 누락 취약점 (CVE-2025-47357)
Qualcomm 제품의 QNX 기반 자동차 소프트웨어 플랫폼에서 발생하는 스택 버퍼 오버플로우 취약점 (CVE-2025-47360)
Qualcomm 제품의 QNX 기반 자동차 소프트웨어 플랫폼에서 발생하는 부적절한 배열 인덱스 검증 취약점 (CVE-2025-47361)
Qualcomm 제품의 QNX 기반 자동차 소프트웨어 플랫폼에서 발생하는 버퍼 범위 초과 읽기 취약점 (CVE-2025-47362)
Qualcomm 제품의 Automotive Platform에서 발생하는 정수 오버플로우 및 값 순환 취약점 (CVE-2025-47365)
Qualcomm 제품의 WinBlast Driver에서 발생하는 경계를 벗어난 쓰기 취약점 (CVE-2025-47367)
Qualcomm 제품의 DSP Service에서 발생하는 버퍼 범위 초과 읽기 취약점 (CVE-2025-47368)
Qualcomm 제품의 BT Controller에서 발생하는 도달 가능한 어설션 취약점 (CVE-2025-47370)
Qualcomm 제품의 Core Services에서 발생하는 외부 입력으로 유발 가능한 단언 검사 실패 취약점 (CVE-2025-27064)

취약점 패치

최신 업데이트를 통해 취약점 패치가 제공되었습니다. 참고 사이트의 안내에 따라 최신 취약점 패치 버전으로 업데이트 하시기 바랍니다.

CVE-2025-27070, CVE-2025-27074, CVE-2025-47352, CVE-2025-47353, CVE-2025-47357, CVE-2025-47360, CVE-2025-47361, CVE-2025-47362, CVE-2025-47365, CVE-2025-47367, CVE-2025-47368, CVE-2025-47370, CVE-2025-27064

각 제조사에서 배포하는 보안 업데이트를 적용

참고사이트

[1] November 2025 Security Bulletin
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2025-bulletin.html