Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-881
Vulnerability from certfr_avis - Published: 2022-10-04 - Updated: 2022-10-04
De multiples vulnérabilités ont été découvertes dans Google Android. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Android versions 10, 11, 12, 12L, 13 sans le correctif de s\u00e9curit\u00e9 du 5 octobre 2022",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-25736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25736"
},
{
"name": "CVE-2022-20410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20410"
},
{
"name": "CVE-2022-20394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20394"
},
{
"name": "CVE-2022-20421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20421"
},
{
"name": "CVE-2022-25748",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25748"
},
{
"name": "CVE-2021-39624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39624"
},
{
"name": "CVE-2022-33217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33217"
},
{
"name": "CVE-2022-20423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20423"
},
{
"name": "CVE-2022-20434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20434"
},
{
"name": "CVE-2022-20420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20420"
},
{
"name": "CVE-2022-25660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25660"
},
{
"name": "CVE-2022-20430",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20430"
},
{
"name": "CVE-2022-20436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20436"
},
{
"name": "CVE-2021-39758",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39758"
},
{
"name": "CVE-2022-20413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20413"
},
{
"name": "CVE-2022-20435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20435"
},
{
"name": "CVE-2022-20417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20417"
},
{
"name": "CVE-2022-20439",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20439"
},
{
"name": "CVE-2022-25661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25661"
},
{
"name": "CVE-2022-20415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20415"
},
{
"name": "CVE-2022-20432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20432"
},
{
"name": "CVE-2022-22077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22077"
},
{
"name": "CVE-2021-0951",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0951"
},
{
"name": "CVE-2022-33214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33214"
},
{
"name": "CVE-2022-20440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20440"
},
{
"name": "CVE-2022-20438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20438"
},
{
"name": "CVE-2022-25723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25723"
},
{
"name": "CVE-2022-25687",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25687"
},
{
"name": "CVE-2022-25749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25749"
},
{
"name": "CVE-2022-20418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20418"
},
{
"name": "CVE-2022-20412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20412"
},
{
"name": "CVE-2022-20431",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20431"
},
{
"name": "CVE-2021-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0696"
},
{
"name": "CVE-2022-20409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20409"
},
{
"name": "CVE-2022-20422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20422"
},
{
"name": "CVE-2022-20416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20416"
},
{
"name": "CVE-2022-26472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26472"
},
{
"name": "CVE-2022-20351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20351"
},
{
"name": "CVE-2022-20437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20437"
},
{
"name": "CVE-2021-0699",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0699"
},
{
"name": "CVE-2022-25720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25720"
},
{
"name": "CVE-2021-39673",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39673"
},
{
"name": "CVE-2022-25718",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25718"
},
{
"name": "CVE-2022-20424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20424"
},
{
"name": "CVE-2022-20433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20433"
},
{
"name": "CVE-2022-20425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20425"
},
{
"name": "CVE-2022-20419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20419"
},
{
"name": "CVE-2022-26471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26471"
}
],
"initial_release_date": "2022-10-04T00:00:00",
"last_revision_date": "2022-10-04T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-881",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google du 03 octobre 2022",
"url": "https://source.android.com/docs/security/bulletin/2022-10-01"
}
]
}
CVE-2022-20437 (GCVE-0-2022-20437)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-03 02:10
VLAI
EPSS
Summary
In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929
Severity
No CVSS data available.
CWE
- Denial of service
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:10:44.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2022-20437",
"datePublished": "2022-10-11T00:00:00.000Z",
"dateReserved": "2021-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T02:10:44.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20438 (GCVE-0-2022-20438)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-03 02:10
VLAI
EPSS
Summary
In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259920
Severity
No CVSS data available.
CWE
- Denial of service
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:10:44.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259920"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2022-20438",
"datePublished": "2022-10-11T00:00:00.000Z",
"dateReserved": "2021-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T02:10:44.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20439 (GCVE-0-2022-20439)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-03 02:10
VLAI
EPSS
Summary
In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172
Severity
No CVSS data available.
CWE
- Denial of service
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:10:44.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2022-20439",
"datePublished": "2022-10-11T00:00:00.000Z",
"dateReserved": "2021-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T02:10:44.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20440 (GCVE-0-2022-20440)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-03 02:10
VLAI
EPSS
Summary
In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918
Severity
No CVSS data available.
CWE
- Denial of service
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:10:44.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2022-10-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2022-20440",
"datePublished": "2022-10-11T00:00:00.000Z",
"dateReserved": "2021-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T02:10:44.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22077 (GCVE-0-2022-22077)
Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-15 18:41
VLAI
EPSS
Summary
Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Use-After-Free in Graphics
- CWE-416 - Use After Free
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Mobile |
Affected:
SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:55.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-22077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T18:41:43.695113Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T18:41:55.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free in Graphics",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-22077",
"datePublished": "2022-10-12T00:00:00.000Z",
"dateReserved": "2021-12-21T00:00:00.000Z",
"dateUpdated": "2025-05-15T18:41:55.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25660 (GCVE-0-2022-25660)
Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-15 15:09
VLAI
EPSS
Summary
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Double Free in Kernel
- CWE-415 - Double Free
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
Affected:
AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCS603, QCS605, QCS6490, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T15:09:08.552072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T15:09:32.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCS603, QCS605, QCS6490, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double Free in Kernel",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25660",
"datePublished": "2022-10-12T00:00:00.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2025-05-15T15:09:32.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25661 (GCVE-0-2022-25661)
Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-15 15:08
VLAI
EPSS
Summary
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Untrusted Pointer Dereference in Kernel
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
Affected:
AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCN9011, QCN9012, QCS603, QCS605, QCS6490, QRB5165, QRB5165M, QRB5165N, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T15:07:55.517289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T15:08:27.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCN9011, QCN9012, QCS603, QCS605, QCS6490, QRB5165, QRB5165M, QRB5165N, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted Pointer Dereference in Kernel",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25661",
"datePublished": "2022-10-12T00:00:00.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2025-05-15T15:08:27.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25687 (GCVE-0-2022-25687)
Vulnerability from cvelistv5 – Published: 2022-10-19 00:00 – Updated: 2025-05-09 14:49
VLAI
EPSS
Summary
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Buffer Copy Without Checking Size of Input in Video
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Affected:
APQ8009
Affected: APQ8009W Affected: APQ8017 Affected: APQ8052 Affected: APQ8053 Affected: APQ8056 Affected: APQ8064AU Affected: APQ8076 Affected: APQ8096AU Affected: AQT1000 Affected: AR8031 Affected: CSRA6620 Affected: CSRA6640 Affected: FSM10056 Affected: MDM9150 Affected: MDM9206 Affected: MDM9250 Affected: MDM9607 Affected: MDM9628 Affected: MDM9650 Affected: MSM8108 Affected: MSM8208 Affected: MSM8209 Affected: MSM8608 Affected: MSM8909W Affected: MSM8917 Affected: MSM8952 Affected: MSM8953 Affected: MSM8956 Affected: MSM8976 Affected: MSM8976SG Affected: MSM8996AU Affected: QAM8295P Affected: QCA4020 Affected: QCA6174A Affected: QCA6310 Affected: QCA6320 Affected: QCA6335 Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6564 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA9367 Affected: QCA9377 Affected: QCA9379 Affected: QCC5100 Affected: QCM2290 Affected: QCM4290 Affected: QCM6125 Affected: QCM6490 Affected: QCN7606 Affected: QCS2290 Affected: QCS405 Affected: QCS410 Affected: QCS4290 Affected: QCS605 Affected: QCS610 Affected: QCS6125 Affected: QCS6490 Affected: Qualcomm215 Affected: SA4150P Affected: SA4155P Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD 636 Affected: SD 675 Affected: SD 8 Gen1 5G Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD480 Affected: SD632 Affected: SD660 Affected: SD662 Affected: SD665 Affected: SD670 Affected: SD675 Affected: SD678 Affected: SD680 Affected: SD690 5G Affected: SD695 Affected: SD710 Affected: SD720G Affected: SD730 Affected: SD750G Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD820 Affected: SD821 Affected: SD835 Affected: SD845 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 Affected: SD888 5G Affected: SDA429W Affected: SDM429W Affected: SDW2500 Affected: SDX20 Affected: SDX20M Affected: SDX50M Affected: SDX55 Affected: SDX55M Affected: SDXR1 Affected: SDXR2 5G Affected: SM4125 Affected: SM4375 Affected: SM6250 Affected: SM6250P Affected: SM7250P Affected: SM7315 Affected: SM7325P Affected: SW5100 Affected: SW5100P Affected: SXR2150P Affected: WCD9326 Affected: WCD9330 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3991 Affected: WCN3998 Affected: WCN3999 Affected: WCN6740 Affected: WCN6750 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25687",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T14:49:00.468534Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T14:49:11.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8052"
},
{
"status": "affected",
"version": "APQ8053"
},
{
"status": "affected",
"version": "APQ8056"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8076"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "FSM10056"
},
{
"status": "affected",
"version": "MDM9150"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9250"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8952"
},
{
"status": "affected",
"version": "MSM8953"
},
{
"status": "affected",
"version": "MSM8956"
},
{
"status": "affected",
"version": "MSM8976"
},
{
"status": "affected",
"version": "MSM8976SG"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCC5100"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD680"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD695"
},
{
"status": "affected",
"version": "SD710"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD820"
},
{
"status": "affected",
"version": "SD821"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX20"
},
{
"status": "affected",
"version": "SDX20M"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM4375"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7315"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR2150P"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN6850"
},
{
"status": "affected",
"version": "WCN6851"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WCN7850"
},
{
"status": "affected",
"version": "WCN7851"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy Without Checking Size of Input in Video",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25687",
"datePublished": "2022-10-19T00:00:00.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2025-05-09T14:49:11.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25718 (GCVE-0-2022-25718)
Vulnerability from cvelistv5 – Published: 2022-10-19 00:00 – Updated: 2025-05-09 14:37
VLAI
EPSS
Summary
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Cryptographic Issue in WLAN
- CWE-252 - Unchecked Return Value
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
Affected:
APQ8009
Affected: APQ8009W Affected: APQ8016 Affected: APQ8017 Affected: APQ8037 Affected: APQ8052 Affected: APQ8053 Affected: APQ8056 Affected: APQ8064AU Affected: APQ8076 Affected: APQ8092 Affected: APQ8094 Affected: APQ8096AU Affected: AR8031 Affected: CSRA6620 Affected: CSRA6640 Affected: CSRB31024 Affected: MDM8215 Affected: MDM9205 Affected: MDM9206 Affected: MDM9215 Affected: MDM9250 Affected: MDM9310 Affected: MDM9607 Affected: MDM9615 Affected: MDM9628 Affected: MDM9640 Affected: MDM9645 Affected: MDM9650 Affected: MSM8108 Affected: MSM8208 Affected: MSM8209 Affected: MSM8608 Affected: MSM8909W Affected: MSM8917 Affected: MSM8920 Affected: MSM8937 Affected: MSM8940 Affected: MSM8952 Affected: MSM8953 Affected: MSM8956 Affected: MSM8976 Affected: MSM8976SG Affected: MSM8992 Affected: MSM8994 Affected: MSM8996AU Affected: PM8937 Affected: QCA0000 Affected: QCA1023 Affected: QCA1990 Affected: QCA4004 Affected: QCA4010 Affected: QCA4020 Affected: QCA4024 Affected: QCA6174 Affected: QCA6174A Affected: QCA6175A Affected: QCA6310 Affected: QCA6320 Affected: QCA6554A Affected: QCA6564 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584 Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA9367 Affected: QCA9369 Affected: QCA9377 Affected: QCA9379 Affected: QCC5100 Affected: QCS405 Affected: QET4101 Affected: QSW8573 Affected: Qualcomm215 Affected: SA415M Affected: SA515M Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SD 455 Affected: SD 636 Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD632 Affected: SD660 Affected: SD820 Affected: SD821 Affected: SD835 Affected: SD845 Affected: SDA429W Affected: SDM429W Affected: SDM630 Affected: SDW2500 Affected: SDX12 Affected: SDX20 Affected: SDX20M Affected: SDX24 Affected: SDX55 Affected: SW5100 Affected: SW5100P Affected: WCD9306 Affected: WCD9326 Affected: WCD9330 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9375 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3998 Affected: WCN3999 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:42.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T14:37:38.509807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T14:37:42.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8016"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8037"
},
{
"status": "affected",
"version": "APQ8052"
},
{
"status": "affected",
"version": "APQ8053"
},
{
"status": "affected",
"version": "APQ8056"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8076"
},
{
"status": "affected",
"version": "APQ8092"
},
{
"status": "affected",
"version": "APQ8094"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "MDM8215"
},
{
"status": "affected",
"version": "MDM9205"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9215"
},
{
"status": "affected",
"version": "MDM9250"
},
{
"status": "affected",
"version": "MDM9310"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9615"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MDM9640"
},
{
"status": "affected",
"version": "MDM9645"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8920"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8940"
},
{
"status": "affected",
"version": "MSM8952"
},
{
"status": "affected",
"version": "MSM8953"
},
{
"status": "affected",
"version": "MSM8956"
},
{
"status": "affected",
"version": "MSM8976"
},
{
"status": "affected",
"version": "MSM8976SG"
},
{
"status": "affected",
"version": "MSM8992"
},
{
"status": "affected",
"version": "MSM8994"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA1023"
},
{
"status": "affected",
"version": "QCA1990"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4010"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA4024"
},
{
"status": "affected",
"version": "QCA6174"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6175A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6554A"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9369"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCC5100"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QET4101"
},
{
"status": "affected",
"version": "QSW8573"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA415M"
},
{
"status": "affected",
"version": "SA515M"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD820"
},
{
"status": "affected",
"version": "SD821"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX12"
},
{
"status": "affected",
"version": "SDX20"
},
{
"status": "affected",
"version": "SDX20M"
},
{
"status": "affected",
"version": "SDX24"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cryptographic Issue in WLAN",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25718",
"datePublished": "2022-10-19T00:00:00.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2025-05-09T14:37:42.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25720 (GCVE-0-2022-25720)
Vulnerability from cvelistv5 – Published: 2022-10-19 00:00 – Updated: 2025-05-09 14:36
VLAI
EPSS
Summary
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Improper Validation of Array Index in WLAN
- CWE-129 - Improper Validation of Array Index
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Affected:
APQ8009
Affected: APQ8009W Affected: APQ8017 Affected: APQ8052 Affected: APQ8053 Affected: APQ8056 Affected: APQ8064AU Affected: APQ8076 Affected: APQ8096AU Affected: AQT1000 Affected: AR6003 Affected: AR8031 Affected: AR8035 Affected: CSRA6620 Affected: CSRA6640 Affected: CSRB31024 Affected: MDM8215 Affected: MDM8215M Affected: MDM8615M Affected: MDM9150 Affected: MDM9206 Affected: MDM9215 Affected: MDM9230 Affected: MDM9250 Affected: MDM9310 Affected: MDM9330 Affected: MDM9607 Affected: MDM9615 Affected: MDM9615M Affected: MDM9628 Affected: MDM9630 Affected: MDM9640 Affected: MDM9650 Affected: MSM8108 Affected: MSM8208 Affected: MSM8209 Affected: MSM8608 Affected: MSM8909W Affected: MSM8917 Affected: MSM8952 Affected: MSM8953 Affected: MSM8956 Affected: MSM8976 Affected: MSM8976SG Affected: MSM8996AU Affected: QAM8295P Affected: QCA4020 Affected: QCA6174 Affected: QCA6174A Affected: QCA6175A Affected: QCA6310 Affected: QCA6320 Affected: QCA6335 Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6554A Affected: QCA6564 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584 Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA8081 Affected: QCA8337 Affected: QCA9367 Affected: QCA9377 Affected: QCA9379 Affected: QCC5100 Affected: QCM6125 Affected: QCN6024 Affected: QCN7605 Affected: QCN7606 Affected: QCN9024 Affected: QCS405 Affected: QCS410 Affected: QCS605 Affected: QCS610 Affected: QCS6125 Affected: QCX315 Affected: QET4101 Affected: QRB5165 Affected: QRB5165M Affected: QRB5165N Affected: QSW8573 Affected: Qualcomm215 Affected: SA4150P Affected: SA4155P Affected: SA415M Affected: SA515M Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD 675 Affected: SD 8 Gen1 5G Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD632 Affected: SD660 Affected: SD662 Affected: SD670 Affected: SD675 Affected: SD678 Affected: SD710 Affected: SD730 Affected: SD820 Affected: SD821 Affected: SD835 Affected: SD845 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SDA429W Affected: SDM429W Affected: SDW2500 Affected: SDX12 Affected: SDX20 Affected: SDX20M Affected: SDX24 Affected: SDX50M Affected: SDX55 Affected: SDX55M Affected: SDX65 Affected: SDXR1 Affected: SDXR2 5G Affected: SM4125 Affected: SW5100 Affected: SW5100P Affected: WCD9306 Affected: WCD9326 Affected: WCD9330 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3998 Affected: WCN3999 Affected: WCN6740 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:43.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T14:35:56.886964Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129 Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T14:36:02.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8052"
},
{
"status": "affected",
"version": "APQ8053"
},
{
"status": "affected",
"version": "APQ8056"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8076"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR6003"
},
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "MDM8215"
},
{
"status": "affected",
"version": "MDM8215M"
},
{
"status": "affected",
"version": "MDM8615M"
},
{
"status": "affected",
"version": "MDM9150"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9215"
},
{
"status": "affected",
"version": "MDM9230"
},
{
"status": "affected",
"version": "MDM9250"
},
{
"status": "affected",
"version": "MDM9310"
},
{
"status": "affected",
"version": "MDM9330"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9615"
},
{
"status": "affected",
"version": "MDM9615M"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MDM9630"
},
{
"status": "affected",
"version": "MDM9640"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8952"
},
{
"status": "affected",
"version": "MSM8953"
},
{
"status": "affected",
"version": "MSM8956"
},
{
"status": "affected",
"version": "MSM8976"
},
{
"status": "affected",
"version": "MSM8976SG"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA6174"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6175A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6554A"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCC5100"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN7605"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCX315"
},
{
"status": "affected",
"version": "QET4101"
},
{
"status": "affected",
"version": "QRB5165"
},
{
"status": "affected",
"version": "QRB5165M"
},
{
"status": "affected",
"version": "QRB5165N"
},
{
"status": "affected",
"version": "QSW8573"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA415M"
},
{
"status": "affected",
"version": "SA515M"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD710"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD820"
},
{
"status": "affected",
"version": "SD821"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX12"
},
{
"status": "affected",
"version": "SDX20"
},
{
"status": "affected",
"version": "SDX20M"
},
{
"status": "affected",
"version": "SDX24"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDX65"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6850"
},
{
"status": "affected",
"version": "WCN6851"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WCN7850"
},
{
"status": "affected",
"version": "WCN7851"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Validation of Array Index in WLAN",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-19T00:00:00.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25720",
"datePublished": "2022-10-19T00:00:00.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2025-05-09T14:36:02.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…