Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for sd780_firmware by qualcomm

    CVE-2022-22091 (GCVE-0-2022-22091)

    Vulnerability from nvd – Published: 2022-09-16 05:25 – Updated: 2024-08-03 03:00
    VLAI
    Summary
    Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
    CWE
    • Improper Authorization in LTE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Affected: APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WC ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WC ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization in LTE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-16T05:25:45.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2022-22091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7.5,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization in LTE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-22091",
        "datePublished": "2022-09-16T05:25:45.000Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:00:55.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22091 (GCVE-0-2022-22091)

    Vulnerability from cvelistv5 – Published: 2022-09-16 05:25 – Updated: 2024-08-03 03:00
    VLAI
    Summary
    Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
    CWE
    • Improper Authorization in LTE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Affected: APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WC ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WC ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization in LTE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-16T05:25:45.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2022-22091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8017, APQ8053, AQT1000, AR8035, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA515M, SC8180X+SDX55, SD 636, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7.5,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization in LTE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-22091",
        "datePublished": "2022-09-16T05:25:45.000Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:00:55.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }