ID

VAR-202209-0275


CVE

CVE-2022-25706


TITLE

Out-of-bounds read vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2022-016533

DESCRIPTION

Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. APQ8009W firmware, APQ8017 firmware, APQ8053 Multiple Qualcomm products, such as firmware, contain an out-of-bounds read vulnerability.Information may be obtained

Trust: 1.71

sources: NVD: CVE-2022-25706 // JVNDB: JVNDB-2022-016533 // VULMON: CVE-2022-25706

AFFECTED PRODUCTS

vendor:qualcommmodel:qcs603scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd845scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8053scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 636scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm4125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8832scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw2500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd695scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8475pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8475scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:qca6310scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8917scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8053scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6420scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6320scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6564auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8909wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6564ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6335scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6390scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6426scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6391scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6430scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8953scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6436scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016533 // NVD: CVE-2022-25706

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-25706
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2022-25706
value: HIGH

Trust: 1.0

NVD: CVE-2022-25706
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202209-229
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-25706
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

product-security@qualcomm.com: CVE-2022-25706
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.1

Trust: 1.0

NVD: CVE-2022-25706
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016533 // CNNVD: CNNVD-202209-229 // NVD: CVE-2022-25706 // NVD: CVE-2022-25706

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.0

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-016533 // NVD: CVE-2022-25706

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-229

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202209-229

EXTERNAL IDS

db:NVDid:CVE-2022-25706

Trust: 3.3

db:JVNDBid:JVNDB-2022-016533

Trust: 0.8

db:AUSCERTid:ESB-2022.4460

Trust: 0.6

db:CNNVDid:CNNVD-202209-229

Trust: 0.6

db:VULMONid:CVE-2022-25706

Trust: 0.1

sources: VULMON: CVE-2022-25706 // JVNDB: JVNDB-2022-016533 // CNNVD: CNNVD-202209-229 // NVD: CVE-2022-25706

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-25706

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-25706/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4460

Trust: 0.6

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2022-39200

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2022-25706 // JVNDB: JVNDB-2022-016533 // CNNVD: CNNVD-202209-229 // NVD: CVE-2022-25706

SOURCES

db:VULMONid:CVE-2022-25706
db:JVNDBid:JVNDB-2022-016533
db:CNNVDid:CNNVD-202209-229
db:NVDid:CVE-2022-25706

LAST UPDATE DATE

2024-08-14T13:15:07.156000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-25706date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2022-016533date:2023-10-05T01:48:00
db:CNNVDid:CNNVD-202209-229date:2022-09-21T00:00:00
db:NVDid:CVE-2022-25706date:2023-04-19T17:10:55.030

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-25706date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2022-016533date:2023-10-05T00:00:00
db:CNNVDid:CNNVD-202209-229date:2022-09-06T00:00:00
db:NVDid:CVE-2022-25706date:2022-09-16T06:15:11.263