CVE-2022-25663 — MEDIUM (5.5)

Vulnerability Description

Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	Aqt1000 Firmware	-
Qualcomm	Aqt1000	-
Qualcomm	Qca1062 Firmware	-
Qualcomm	Qca1062	-
Qualcomm	Qca1064 Firmware	-
Qualcomm	Qca1064	-
Qualcomm	Qca2062 Firmware	-
Qualcomm	Qca2062	-
Qualcomm	Qca2064 Firmware	-
Qualcomm	Qca2064	-
Qualcomm	Qca2065 Firmware	-
Qualcomm	Qca2065	-
Qualcomm	Qca2066 Firmware	-
Qualcomm	Qca2066	-
Qualcomm	Qca6390 Firmware	-
Qualcomm	Qca6390	-
Qualcomm	Qca6391 Firmware	-
Qualcomm	Qca6391	-
Qualcomm	Qca6420 Firmware	-
Qualcomm	Qca6420	-

Related Weaknesses (CWE)

CWE-125

References

https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletiVendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletiVendor Advisory

FAQ

What is CVE-2022-25663?

CVE-2022-25663 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronic...

How severe is CVE-2022-25663?

CVE-2022-25663 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-25663?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Qca1062 Firmware, Qualcomm Qca1062, Qualcomm Qca1064 Firmware.