Denial of Service Vulnerability in Qualcomm Snapdragon Products
CVE-2022-25679

6.2MEDIUM

Key Information:

Vendor: Qualcomm
Status: Snapdragon Compute, Snapdragon Consumer Iot, Snapdragon Industrial Iot, Snapdragon Mobile, Snapdragon Wearables
Vendor: CVE Published:; 15 November 2022

Summary

This vulnerability involves a denial of service scenario due to improper access control in broadcast receivers within various Qualcomm Snapdragon products. Affected products include Snapdragon Compute, Consumer IOT, Industrial IOT, Mobile, and Wearables, potentially allowing attackers to disrupt services and impact device functionality. It's essential to implement the recommended security measures to mitigate risks related to these vulnerabilities.

Affected Version(s)

Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables AQT1000

Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables QCA6390

Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables QCA6391

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2022
Vulnerability Reserved
Feb 22, 2022