CVE-2022-25690 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-25690 PUBLISHED CVSS 7.5 HIGH

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

EPSS 0.30% · 52.9th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.30%

52.9th percentile

Affected Products

Vendor	Product	Versions
qualcomm	csra6620_firmware
qualcomm	sd888_firmware
qualcomm	sd_8cx_gen3_firmware
qualcomm	sd678_firmware
qualcomm	qca6420_firmware
qualcomm	qcs6125_firmware
qualcomm	sd_8_gen1_5g_firmware
qualcomm	sa6155_firmware
qualcomm	wcn6740_firmware
qualcomm	sd712_firmware
qualcomm	csrb31024_firmware
qualcomm	wcn6856_firmware
qualcomm	msm8996au_firmware
qualcomm	wcd9326_firmware
qualcomm	sa6145p_firmware
qualcomm	ar8031_firmware
qualcomm	qca6696_firmware
qualcomm	sd670_firmware
qualcomm	sd7c_firmware
qualcomm	qca6436_firmware

…and 133 more

Timeline

Sep 7, 2022 CVE Published
Sep 16, 2022 EPSS Score
Oct 30, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Jan 27, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 12, 2023 EPSS Score
Apr 26, 2023 EPSS Score
Jun 9, 2023 EPSS Score
Jul 23, 2023 EPSS Score
Sep 5, 2023 EPSS Score
Oct 20, 2023 EPSS Score

References

Open in Interactive Console →