Information Disclosure in Snapdragon Wired Infrastructure and Networking
CVE-2022-25667

7.5HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon Wired Infrastructure And Networking
Vendor: CVE Published:; 15 November 2022

What is CVE-2022-25667?

An information disclosure vulnerability exists due to the improper handling of ICMP requests within Qualcomm's Snapdragon Wired Infrastructure and Networking products. This flaw can potentially expose sensitive system information, making it critical for users of affected devices to apply relevant updates and security patches to mitigate risks.

Affected Version(s)

Snapdragon Wired Infrastructure and Networking AR9380

Snapdragon Wired Infrastructure and Networking CSR8811

Snapdragon Wired Infrastructure and Networking IPQ4018

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2022
Vulnerability Reserved
Feb 22, 2022