Buffer Over Read Vulnerability in Qualcomm's Snapdragon Products
CVE-2022-25665

6.8MEDIUM

Key Information:

Vendor
Qualcomm
Status
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Iot, Snapdragon Mobile
Vendor
CVE Published:
19 October 2022

Summary

This vulnerability pertains to an information disclosure issue caused by a buffer over read in Qualcomm's Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IoT, and Snapdragon Mobile. Attackers exploiting this flaw could potentially gain unauthorized access to sensitive data leveraged in these platforms, underscoring the necessity for timely patching and security measures.

Affected Version(s)

Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCS603, QCS605, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD845, SD850, SD855, SD865 5G, SD870, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.