CVE-2022-22069 : Devices with keyprotect off may store unencrypted keybox in RPMB and cause crypt

Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published 2022-09-02 12:15:10

Updated 2022-09-08 01:47:45

Source Qualcomm, Inc.

View at NVD, CVE.org

Products affected by CVE-2022-22069

Qualcomm » Qca6574au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574au » Version: N/A
Qualcomm » Qca6574 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574 » Version: N/A
Qualcomm » Sd 675 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd 675 » Version: N/A
Qualcomm » Sd855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd855 » Version: N/A
Qualcomm » Sa6155p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6155p » Version: N/A
Qualcomm » Qca6390 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6390 » Version: N/A
Qualcomm » Aqt1000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Aqt1000 » Version: N/A
Qualcomm » Qca6391 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6391 » Version: N/A
Qualcomm » Qca6420 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6420 » Version: N/A
Qualcomm » Qca6430 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6430 » Version: N/A
Qualcomm » Qca6595au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6595au » Version: N/A
Qualcomm » Wcd9341 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9341 » Version: N/A
Qualcomm » Wcn3990 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3990 » Version: N/A
Qualcomm » Wcn3998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3998 » Version: N/A
Qualcomm » Wcn6850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6850 » Version: N/A
Qualcomm » Wcn6851 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6851 » Version: N/A
Qualcomm » Wcn6855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6855 » Version: N/A
Qualcomm » Wcn6856 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6856 » Version: N/A
Qualcomm » Wsa8810 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8810 » Version: N/A
Qualcomm » Wsa8815 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8815 » Version: N/A
Qualcomm » Sa8155p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8155p » Version: N/A
Qualcomm » Qcm4290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm4290 » Version: N/A
Qualcomm » Qcs4290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs4290 » Version: N/A
Qualcomm » Qsm8350 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qsm8350 » Version: N/A
Qualcomm » Sa6155 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6155 » Version: N/A
Qualcomm » Sa8155 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8155 » Version: N/A
Qualcomm » Sdx50m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx50m » Version: N/A
Qualcomm » Sdx55m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx55m » Version: N/A
Qualcomm » Sm6250 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm6250 » Version: N/A
Qualcomm » Sm7250p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7250p » Version: N/A
Qualcomm » Sa8195p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8195p » Version: N/A
Qualcomm » Sm4125 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm4125 » Version: N/A
Qualcomm » Qca6421 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6421 » Version: N/A
Qualcomm » Qca6426 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6426 » Version: N/A
Qualcomm » Qca6431 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6431 » Version: N/A
Qualcomm » Qca6436 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6436 » Version: N/A
Qualcomm » Qca6574a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574a » Version: N/A
Qualcomm » Qca6696 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6696 » Version: N/A
Qualcomm » Sd460 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd460 » Version: N/A
Qualcomm » Sd662 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd662 » Version: N/A
Qualcomm » Sd665 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd665 » Version: N/A
Qualcomm » Sd670 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd670 » Version: N/A
Qualcomm » Sd675 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd675 » Version: N/A
Qualcomm » Sd690 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd690 5g » Version: N/A
Qualcomm » Sd710 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd710_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd710 » Version: N/A
Qualcomm » Sd720g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd720g » Version: N/A
Qualcomm » Sd730 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd730 » Version: N/A
Qualcomm » Sd750g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd750g » Version: N/A
Qualcomm » Sd765 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765 » Version: N/A
Qualcomm » Sd765g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765g » Version: N/A
Qualcomm » Sd768g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd768g » Version: N/A
Qualcomm » Sd865 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd865 5g » Version: N/A
Qualcomm » Sd888 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd888 5g » Version: N/A
Qualcomm » Sdxr2 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdxr2 5g » Version: N/A
Qualcomm » Wcd9326 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9326 » Version: N/A
Qualcomm » Wcd9370 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9370 » Version: N/A
Qualcomm » Wcd9375 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9375 » Version: N/A
Qualcomm » Wcd9380 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9380 » Version: N/A
Qualcomm » Wcd9385 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9385 » Version: N/A
Qualcomm » Wcn3910 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3910 » Version: N/A
Qualcomm » Wcn3950 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3950 » Version: N/A
Qualcomm » Wcn3980 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3980 » Version: N/A
Qualcomm » Wcn3988 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3988 » Version: N/A
Qualcomm » Wcn3991 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3991 » Version: N/A
Qualcomm » Wcn6750 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6750 » Version: N/A
Qualcomm » Wsa8830 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8830 » Version: N/A
Qualcomm » Wsa8835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8835 » Version: N/A
Qualcomm » Qcm2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm2290 » Version: N/A
Qualcomm » Qcs2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs2290 » Version: N/A
Qualcomm » Wcn6740 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6740 » Version: N/A
Qualcomm » Sd678 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd678 » Version: N/A
Qualcomm » Sd870 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd870 » Version: N/A
Qualcomm » Sd480 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd480 » Version: N/A
Qualcomm » Sd888 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd888 » Version: N/A
Qualcomm » Sd778g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd778g » Version: N/A
Qualcomm » Sm7325p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7325p » Version: N/A
Qualcomm » Sd780g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd780g » Version: N/A
Qualcomm » Sm7315 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7315 » Version: N/A
Qualcomm » Qcm6490 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm6490 » Version: N/A
Qualcomm » Qcs6490 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs6490 » Version: N/A
Qualcomm » Wcn7850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn7850 » Version: N/A
Qualcomm » Wcn7851 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn7851 » Version: N/A
Qualcomm » Sw5100 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sw5100 » Version: N/A
Qualcomm » Sw5100p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sw5100p » Version: N/A
Qualcomm » Sd 8cx Gen3 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_8cx_gen3_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd 8cx Gen3 » Version: N/A
Qualcomm » Sd680 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd680 » Version: N/A
Qualcomm » Sd695 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd695 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-22069

EPSS FAQ

0.03%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 6 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-22069

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.7	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N	2.5	5.2	Qualcomm, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: None

References for CVE-2022-22069

https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin

Qualcomm Documentation
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-22069

Products affected by CVE-2022-22069

Exploit prediction scoring system (EPSS) score for CVE-2022-22069

CVSS scores for CVE-2022-22069

References for CVE-2022-22069