CVE-2022-25652 : Cryptographic issues in BSP due to improper hash verification in Snapdragon Wire

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

Published 2022-09-16 06:15:11

Updated 2022-09-20 13:20:00

Source Qualcomm, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2022-25652

Qualcomm » Ipq8074 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8074 » Version: N/A
Qualcomm » Qca8081 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca8081 » Version: N/A
Qualcomm » Ipq6018 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq6018 » Version: N/A
Qualcomm » Ipq5018 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq5018_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq5018 » Version: N/A
Qualcomm » Csr8811 Firmware » Version: N/A
cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Csr8811 » Version: N/A
Qualcomm » Ipq5010 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq5010 » Version: N/A
Qualcomm » Ipq6000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq6000 » Version: N/A
Qualcomm » Ipq6005 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq6005 » Version: N/A
Qualcomm » Ipq6010 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq6010 » Version: N/A
Qualcomm » Ipq6028 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq6028 » Version: N/A
Qualcomm » Ipq8070 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8070 » Version: N/A
Qualcomm » Ipq8070a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8070a » Version: N/A
Qualcomm » Ipq8071 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8071 » Version: N/A
Qualcomm » Ipq8071a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8071a » Version: N/A
Qualcomm » Ipq8072 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8072 » Version: N/A
Qualcomm » Ipq8072a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8072a » Version: N/A
Qualcomm » Ipq8074a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8074a » Version: N/A
Qualcomm » Ipq8076 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8076 » Version: N/A
Qualcomm » Ipq8076a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8076a » Version: N/A
Qualcomm » Ipq8078 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8078 » Version: N/A
Qualcomm » Ipq8078a Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8078a » Version: N/A
Qualcomm » Ipq8173 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8173 » Version: N/A
Qualcomm » Ipq8174 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq8174 » Version: N/A
Qualcomm » Pmp8074 Firmware » Version: N/A
cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pmp8074 » Version: N/A
Qualcomm » Qca4024 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca4024 » Version: N/A
Qualcomm » Qca6428 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6428 » Version: N/A
Qualcomm » Qca6438 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6438 » Version: N/A
Qualcomm » Qca8072 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca8072 » Version: N/A
Qualcomm » Qca8075 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca8075 » Version: N/A
Qualcomm » Qca9888 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9888 » Version: N/A
Qualcomm » Qca9889 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9889 » Version: N/A
Qualcomm » Qcn5021 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5021 » Version: N/A
Qualcomm » Qcn5022 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5022 » Version: N/A
Qualcomm » Qcn5024 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5024 » Version: N/A
Qualcomm » Qcn5052 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5052 » Version: N/A
Qualcomm » Qcn5054 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5054 » Version: N/A
Qualcomm » Qcn5064 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5064 » Version: N/A
Qualcomm » Qcn5121 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5121 » Version: N/A
Qualcomm » Qcn5122 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5122 » Version: N/A
Qualcomm » Qcn5124 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5124 » Version: N/A
Qualcomm » Qcn5152 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5152 » Version: N/A
Qualcomm » Qcn5154 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5154 » Version: N/A
Qualcomm » Qcn5164 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5164 » Version: N/A
Qualcomm » Qcn5550 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn5550 » Version: N/A
Qualcomm » Qcn6023 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6023 » Version: N/A
Qualcomm » Qcn6024 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6024 » Version: N/A
Qualcomm » Qcn9000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9000 » Version: N/A
Qualcomm » Qcn9012 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9012 » Version: N/A
Qualcomm » Qcn9022 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9022 » Version: N/A
Qualcomm » Qcn9024 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9024 » Version: N/A
Qualcomm » Qcn9070 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9070 » Version: N/A
Qualcomm » Qcn9072 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9072 » Version: N/A
Qualcomm » Qcn9074 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9074 » Version: N/A
Qualcomm » Qcn9100 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn9100 » Version: N/A
Qualcomm » Ipq5028 Firmware » Version: N/A
cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Ipq5028 » Version: N/A
Qualcomm » Qcn6122 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6122 » Version: N/A
Qualcomm » Qcn6132 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6132 » Version: N/A
Qualcomm » Qcn6100 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6100 » Version: N/A
Qualcomm » Qcn6102 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6102 » Version: N/A
Qualcomm » Qcn6112 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn6112 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-25652

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 16 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-25652

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
9.0	CRITICAL	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N	2.5	5.8	Qualcomm, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2022-25652

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-25652

https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Qualcomm Documentation
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-25652

Products affected by CVE-2022-25652

Exploit prediction scoring system (EPSS) score for CVE-2022-25652

CVSS scores for CVE-2022-25652

CWE ids for CVE-2022-25652

References for CVE-2022-25652