CVE-2022-25679

moderate-risk

Published 2022-11-15

Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Do I need to act?

0.10% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.2/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Aqt1000 Firmware

Qca6390 Firmware

Qca6391 Firmware

Qca6420 Firmware

Qca6430 Firmware

Qcm2290 Firmware

Qcm4290 Firmware

Qcm6490 Firmware

Qcn7606 Firmware

Qcs2290 Firmware

Qcs4290 Firmware

Qcs6490 Firmware

Sd 675 Firmware

Sd 8 Gen1 5G Firmware

Sd460 Firmware

Sd480 Firmware

Sd662 Firmware

Sd665 Firmware

Sd675 Firmware

Sd678 Firmware

Affected Vendors

Qualcomm

References (2)

Vendor Advisory https://www.qualcomm.com/company/product-security/bulletins/november-2022-bullet...

/ 100

moderate-risk

Severity 20/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 27/34 · High