Cryptographic Vulnerability in Snapdragon Wired Infrastructure and Networking by Qualcomm
CVE-2022-25652

9CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon Wired Infrastructure And Networking
Vendor: CVE Published:; 16 September 2022

Summary

This vulnerability arises from improper hash verification within Snapdragon's Wired Infrastructure and Networking solution. It compromises the integrity of cryptographic operations, potentially allowing attackers to exploit weaknesses in data verification processes. This can lead to unauthorized access or manipulation of sensitive information during data transmission, making it essential for users to implement protective measures and stay informed about security updates.

Affected Version(s)

Snapdragon Wired Infrastructure and Networking CSR8811, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, PMP8074, QCA4024, QCA6428, QCA6438, QCA8072, QCA8075, QCA8081, QCA9888, QCA9889, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100

References

https://www.qualcomm.com/company/product-security/bulleti...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Sep 16, 2022
Vulnerability Reserved
Feb 22, 2022