CVE-2022-25718

CRITICAL

Snapdragon - Cryptographic Issue

Title source: llm

Description

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

Scores

CVSS v3 9.1

EPSS 0.0023

EPSS Percentile 45.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-252

Status published

Affected Products (50)

qualcomm/apq8009_firmware

qualcomm/apq8009w_firmware

qualcomm/apq8016_firmware

qualcomm/apq8017_firmware

qualcomm/apq8037_firmware

qualcomm/apq8052_firmware

qualcomm/apq8053_firmware

qualcomm/apq8056_firmware

qualcomm/apq8064au_firmware

qualcomm/apq8076_firmware

qualcomm/apq8092_firmware

qualcomm/apq8094_firmware

qualcomm/apq8096au_firmware

qualcomm/ar8031_firmware

qualcomm/csra6620_firmware

... and 35 more

Timeline

Published Oct 19, 2022

Tracked Since Feb 18, 2026