6.7
CVE-2022-25654
- EPSS 0.11%
- Published 16.09.2022 06:15:10
- Last modified 21.11.2024 06:52:31
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Apq8096au Firmware Version-
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Qca6174a Firmware Version-
Qualcomm ≫ Qca6574au Firmware Version-
Qualcomm ≫ Qcs603 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Qualcomm215 Firmware Version-
Qualcomm ≫ Sd429 Firmware Version-
Qualcomm ≫ Sd820 Firmware Version-
Qualcomm ≫ Sdm429w Firmware Version-
Qualcomm ≫ Wcd9326 Firmware Version-
Qualcomm ≫ Wcd9335 Firmware Version-
Qualcomm ≫ Wcd9341 Firmware Version-
Qualcomm ≫ Wcn3615 Firmware Version-
Qualcomm ≫ Wcn3620 Firmware Version-
Qualcomm ≫ Wcn3660b Firmware Version-
Qualcomm ≫ Wcn3680 Firmware Version-
Qualcomm ≫ Wcn3980 Firmware Version-
Qualcomm ≫ Wcn3990 Firmware Version-
Qualcomm ≫ Wsa8810 Firmware Version-
Qualcomm ≫ Wsa8815 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.296 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| product-security@qualcomm.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.