Denial of Service Vulnerability in Snapdragon Mobile MODEM by Qualcomm
CVE-2022-25672

7.5HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon Mobile
Vendor: CVE Published:; 13 December 2022

What is CVE-2022-25672?

A vulnerability has been identified in the Snapdragon Mobile MODEM that may lead to a denial-of-service condition due to a reachable assertion when processing SIB1 with invalid bandwidth parameters. This issue can interrupt services and degrade performance, impacting user experience. It is crucial for affected users to stay informed about this vulnerability and apply necessary mitigations as provided by Qualcomm.

Affected Version(s)

Snapdragon Mobile AR8035

Snapdragon Mobile QCA8081

Snapdragon Mobile QCA8337

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2022
Vulnerability Reserved
Feb 22, 2022