CVE-2025-47371

Medium
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
CWE-617 — Weakness Type
Published: Mar 2, 2026  ·  Modified: Mar 5, 2026  ·  Source: NVD
CVSS v3: 6.5

🤖 AI Executive Summary

CVE-2025-47371 is a transient denial-of-service vulnerability in Qualcomm LTE RLC packet processing affecting multiple 5G and wireless connectivity platforms. When a user equipment (UE) receives an LTE RLC packet with an invalid Transport Block (TB), the device experiences temporary service disruption. With no patch currently available and a medium CVSS score of 6.5, this poses an operational risk to Saudi telecom infrastructure and 5G deployments.

🤖 AI Intelligence Analysis (Analyzed: May 11, 2026 05:01)
🇸🇦 Saudi Arabia Impact Assessment
Primary impact on Saudi telecom sector (STC, Mobily, Zain) operating 5G FWA (Fixed Wireless Access) networks and LTE infrastructure. Secondary impact on government entities using 5G connectivity for critical communications. Healthcare sector relying on 5G-enabled telemedicine and IoT devices may experience service disruptions. Energy sector (ARAMCO) utilizing 5G for industrial IoT and remote monitoring could face operational delays. Banking sector dependent on mobile connectivity for transaction processing may experience temporary service degradation. The vulnerability affects Qualcomm FastConnect chipsets widely deployed in Saudi enterprise and consumer devices.
🏢 Affected Saudi Sectors
Telecommunications (STC, Mobily, Zain)
Government and Public Administration
Healthcare and Telemedicine
Energy and Utilities (ARAMCO)
Banking and Financial Services
Enterprise IT and IoT
⚖️ Saudi Risk Score (AI)
6.2 / 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Inventory all Qualcomm-based devices using affected firmware versions (5G FWA platforms, FastConnect 6200/6700/6800/6900/7800, AR8035, CSRA6620/6640)
2. Monitor network logs for malformed LTE RLC packets with invalid TB indicators
3. Implement network-level filtering to detect and drop packets with invalid TB values

COMPENSATING CONTROLS (until patch available):
4. Deploy DPI (Deep Packet Inspection) rules to identify and block malformed RLC packets at network edge
5. Configure UE watchdog timers to auto-recover from transient DOS within 30 seconds
6. Implement rate limiting on RLC packet processing to prevent cascading failures
7. Enable enhanced logging for RLC packet anomalies for forensic analysis

PATCHING GUIDANCE:
8. Subscribe to Qualcomm security bulletins for firmware updates addressing CWE-617
9. Establish firmware update procedures for affected platforms once patches are released
10. Prioritize patching of 5G FWA platforms serving critical infrastructure

DETECTION RULES:
11. Monitor for repeated UE disconnections/reconnections within short timeframes
12. Alert on RLC layer errors with invalid TB field values
13. Track device recovery times from transient DOS events
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.12.6.1 - Management of technical vulnerabilities in network infrastructure
ECC 2024 A.12.2.1 - Change management for firmware and software updates
ECC 2024 A.12.3.1 - Segregation of networks and network services
🔵 SAMA CSF
SAMA CSF ID.BE-3.1 - Resilience of critical systems
SAMA CSF PR.IP-1.1 - Information security policies and procedures
SAMA CSF DE.CM-1.1 - Detection and monitoring of anomalous activity
🟡 ISO 27001:2022
ISO 27001:2022 A.12.2.1 - Change management procedures
ISO 27001:2022 A.12.6.1 - Management of technical vulnerabilities
ISO 27001:2022 A.13.1.1 - Network security perimeter
🟣 PCI DSS v4.0.1
PCI DSS 6.2 - Security patches for system components
PCI DSS 11.2 - Vulnerability scanning and remediation
📦 Affected Products / CPE (50 entries)
qualcomm:5g_fixed_wireless_access_platform_firmware:-
qualcomm:ar8035_firmware:-
qualcomm:csra6620_firmware:-
qualcomm:csra6640_firmware:-
qualcomm:fastconnect_6200_firmware:-
qualcomm:fastconnect_6700_firmware:-
qualcomm:fastconnect_6800_firmware:-
qualcomm:fastconnect_6900_firmware:-
qualcomm:fastconnect_7800_firmware:-
qualcomm:fwa_gen_3_ultra_firmware:-
qualcomm:g1_gen_1_firmware:-
qualcomm:milos_firmware:-
qualcomm:netrani_firmware:-
qualcomm:orne_firmware:-
qualcomm:palawan25_firmware:-
qualcomm:qca6174a_firmware:-
qualcomm:qca6391_firmware:-
qualcomm:qca6574a_firmware:-
qualcomm:qca6574au_firmware:-
qualcomm:qca6584au_firmware:-
qualcomm:qca6595au_firmware:-
qualcomm:qca6678aq_firmware:-
qualcomm:qca6688aq_firmware:-
qualcomm:qca6696_firmware:-
qualcomm:qca6698aq_firmware:-
qualcomm:qca6698au_firmware:-
qualcomm:qca6797aq_firmware:-
qualcomm:qca8081_firmware:-
qualcomm:qca8337_firmware:-
qualcomm:qcc710_firmware:-
qualcomm:qcm2290_firmware:-
qualcomm:qcm4325_firmware:-
qualcomm:qcm4490_firmware:-
qualcomm:qcn6024_firmware:-
qualcomm:qcn6224_firmware:-
qualcomm:qcn6274_firmware:-
qualcomm:qcn9011_firmware:-
qualcomm:qcn9012_firmware:-
qualcomm:qcn9024_firmware:-
qualcomm:qcs2290_firmware:-
qualcomm:qcs4290_firmware:-
qualcomm:qcs4490_firmware:-
qualcomm:qcs8550_firmware:-
qualcomm:qfw7114_firmware:-
qualcomm:qfw7124_firmware:-
qualcomm:qmp1000_firmware:-
qualcomm:robotics_rb2_platform_firmware:-
qualcomm:snapdragon_8_gen_1_firmware:-
qualcomm:sd662_firmware:-
qualcomm:sdx61_firmware:-
📊 CVSS Score
6.5 / 10.0 — Medium
📊 CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: A — Adjacent
Attack Complexity: L — Low
Privileges Required: N — None
User Interaction: N — None
Scope: U — Unchanged
Confidentiality: N — None
Integrity: N — None
Availability: H — High
📋 Quick Facts
Severity Medium
CVSS Score 6.5
CWE CWE-617
Exploit No
Patch ✗ No
Published 2026-03-02
Source Feed nvd
🇸🇦 Saudi Risk Score
6.2 / 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-617