V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2022-25748
CVE
Critical

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snap…

CVSS
9.8
Critical
EPSS
0.00
p34
Published
2022-01-01
Updated
2022-01-01
Description

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Tags · CWE
Pre-auth
CWE-190
CAPEC-92
Affected products
Apq8009_firmwareApq8017_firmwareApq8076_firmwareApq8096au_firmwareAqt1000_firmwareAr8031_firmwareAr8035_firmwareAr9380_firmwareCsr8811_firmwareCsra6620_firmwareCsra6640_firmwareCsrb31024_firmwareIpq4018_firmwareIpq4028_firmwareIpq4029_firmwareIpq5010_firmwareIpq5018_firmwareIpq5028_firmwareIpq6000_firmwareIpq6010_firmware
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2022-01-01
Published
2022-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.004 · p34
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Qualcomm
Wcd9380Wcd9380 FirmwareWsa8830Wsa8835Wcd9385Qca6574auWsa8830 FirmwareWsa8835 FirmwareWcd9385 FirmwareQca6574au Firmware+390
ProductVendorStatus
apq8009_firmware*Tracked
apq8017_firmware*Tracked
apq8076_firmware*Tracked
apq8096au_firmware*Tracked
aqt1000_firmware*Tracked
ar8031_firmware*Tracked
ar8035_firmware*Tracked
ar9380_firmware*Tracked
csr8811_firmware*Tracked
csra6620_firmware*Tracked
csra6640_firmware*Tracked
csrb31024_firmware*Tracked
ipq4018_firmware*Tracked
ipq4028_firmware*Tracked
ipq4029_firmware*Tracked
ipq5010_firmware*Tracked
ipq5018_firmware*Tracked
ipq5028_firmware*Tracked
ipq6000_firmware*Tracked
ipq6010_firmware*Tracked
Showing first 20 of 273
Source databases
CVE