Information Disclosure in Snapdragon Products by Qualcomm
CVE-2022-25719
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 19 October 2022
Summary
This vulnerability allows unauthorized parties to gain access to sensitive information over WLAN connections due to improper length checks during the authentication handshake in various Snapdragon products. Affected devices span multiple applications, including automotive, consumer electronics, IoT, and mobile communication, highlighting the broad implications for safety and privacy. Users and manufacturers are advised to implement patches provided by Qualcomm to mitigate potential risks associated with this flaw.
Affected Version(s)
Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking APQ8009
Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking APQ8009W
Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking APQ8016
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved