Lucene search

[email protected]CVE-2022-25663

HistoryOct 19, 2022 - 11:15 a.m.

CVE-2022-25663

2022-10-1911:15:10

CWE-125

[email protected]

web.nvd.nist.gov

buffer overflow

denial of service

snapdragon

management frame

cve-2022-25663

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.4%

JSON

Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Affected configurations

NVD

Node

qualcommaqt1000_firmwareMatch-

AND

qualcommaqt1000Match-

Node

qualcommqca1062_firmwareMatch-

AND

qualcommqca1062Match-

Node

qualcommqca1064_firmwareMatch-

AND

qualcommqca1064Match-

Node

qualcommqca2062_firmwareMatch-

AND

qualcommqca2062Match-

Node

qualcommqca2064_firmwareMatch-

AND

qualcommqca2064Match-

Node

qualcommqca2065_firmwareMatch-

AND

qualcommqca2065Match-

Node

qualcommqca2066_firmwareMatch-

AND

qualcommqca2066Match-

Node

qualcommqca6390_firmwareMatch-

AND

qualcommqca6390Match-

Node

qualcommqca6391_firmwareMatch-

AND

qualcommqca6391Match-

Node

qualcommqca6420_firmwareMatch-

AND

qualcommqca6420Match-

Node

qualcommqca6430_firmwareMatch-

AND

qualcommqca6430Match-

Node

qualcommsd_8cx_gen2_firmwareMatch-

AND

qualcommsd_8cx_gen2Match-

Node

qualcommsd_8cx_gen3_firmwareMatch-

AND

qualcommsd_8cx_gen3Match-

Node

qualcommsd778g_firmwareMatch-

AND

qualcommsd778gMatch-

Node

qualcommsd7c_firmwareMatch-

AND

qualcommsd7cMatch-

Node

qualcommsd850_firmwareMatch-

AND

qualcommsd850Match-

Node

qualcommsm6250_firmwareMatch-

AND

qualcommsm6250Match-

Node

qualcommwcd9340_firmwareMatch-

AND

qualcommwcd9340Match-

Node

qualcommwcd9341_firmwareMatch-

AND

qualcommwcd9341Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn3990_firmwareMatch-

AND

qualcommwcn3990Match-

Node

qualcommwcn3991_firmwareMatch-

AND

qualcommwcn3991Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn6750_firmwareMatch-

AND

qualcommwcn6750Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:aqt1000_firmwarequalcomm aqt1000 firmwareeq-

CPE	Name	Operator	Version
qualcomm:aqt1000_firmware	qualcomm aqt1000 firmware	eq	-

CNA Affected

[
  {
    "vendor": "Qualcomm, Inc.",
    "product": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity",
    "versions": [
      {
        "version": "AQT1000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA6390, QCA6391, QCA6420, QCA6430, SD 8cx Gen2, SD 8cx Gen3, SD778G, SD7c, SD850, SM6250, WCD9340, WCD9341, WCD9380, WCD9385, WCN3990, WCN3991, WCN3998, WCN6750, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835",
        "status": "affected"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

Social References

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.4%

JSON

Related for CVE-2022-25663

nvd1 cvelist1 prion1