Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

Security Impact Summary

This vulnerability carries a CRITICAL severity rating with a CVSS v3.1 score of 9.0, requiring local system access to exploit with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), for affected systems. Impacting 120 products from qualcomm, from qualcomm, from qualcomm and 117 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2022, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2022-09-16T06:15:10.553

Last Modified

2024-11-21T06:52:30.990

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.0 (CRITICAL)

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qualcomm	csr8811_firmware	-	Yes
Hardware	qualcomm	csr8811	-	No
Operating System	qualcomm	ipq5010_firmware	-	Yes
Hardware	qualcomm	ipq5010	-	No
Operating System	qualcomm	ipq5018_firmware	-	Yes
Hardware	qualcomm	ipq5018	-	No
Operating System	qualcomm	ipq5028_firmware	-	Yes
Hardware	qualcomm	ipq5028	-	No
Operating System	qualcomm	ipq6000_firmware	-	Yes
Hardware	qualcomm	ipq6000	-	No
Operating System	qualcomm	ipq6005_firmware	-	Yes
Hardware	qualcomm	ipq6005	-	No
Operating System	qualcomm	ipq6010_firmware	-	Yes
Hardware	qualcomm	ipq6010	-	No
Operating System	qualcomm	ipq6018_firmware	-	Yes
Hardware	qualcomm	ipq6018	-	No
Operating System	qualcomm	ipq6028_firmware	-	Yes
Hardware	qualcomm	ipq6028	-	No
Operating System	qualcomm	ipq8070_firmware	-	Yes
Hardware	qualcomm	ipq8070	-	No
Operating System	qualcomm	ipq8070a_firmware	-	Yes
Hardware	qualcomm	ipq8070a	-	No
Operating System	qualcomm	ipq8071_firmware	-	Yes
Hardware	qualcomm	ipq8071	-	No
Operating System	qualcomm	ipq8071a_firmware	-	Yes
Hardware	qualcomm	ipq8071a	-	No
Operating System	qualcomm	ipq8072_firmware	-	Yes
Hardware	qualcomm	ipq8072	-	No
Operating System	qualcomm	ipq8072a_firmware	-	Yes
Hardware	qualcomm	ipq8072a	-	No
Operating System	qualcomm	ipq8074_firmware	-	Yes
Hardware	qualcomm	ipq8074	-	No
Operating System	qualcomm	ipq8074a_firmware	-	Yes
Hardware	qualcomm	ipq8074a	-	No
Operating System	qualcomm	ipq8076_firmware	-	Yes
Hardware	qualcomm	ipq8076	-	No
Operating System	qualcomm	ipq8076a_firmware	-	Yes
Hardware	qualcomm	ipq8076a	-	No
Operating System	qualcomm	ipq8078_firmware	-	Yes
Hardware	qualcomm	ipq8078	-	No
Operating System	qualcomm	ipq8078a_firmware	-	Yes
Hardware	qualcomm	ipq8078a	-	No
Operating System	qualcomm	ipq8173_firmware	-	Yes
Hardware	qualcomm	ipq8173	-	No
Operating System	qualcomm	ipq8174_firmware	-	Yes
Hardware	qualcomm	ipq8174	-	No
Operating System	qualcomm	pmp8074_firmware	-	Yes
Hardware	qualcomm	pmp8074	-	No
Operating System	qualcomm	qca4024_firmware	-	Yes
Hardware	qualcomm	qca4024	-	No
Operating System	qualcomm	qca6428_firmware	-	Yes
Hardware	qualcomm	qca6428	-	No
Operating System	qualcomm	qca6438_firmware	-	Yes
Hardware	qualcomm	qca6438	-	No
Operating System	qualcomm	qca8072_firmware	-	Yes
Hardware	qualcomm	qca8072	-	No
Operating System	qualcomm	qca8075_firmware	-	Yes
Hardware	qualcomm	qca8075	-	No
Operating System	qualcomm	qca8081_firmware	-	Yes
Hardware	qualcomm	qca8081	-	No
Operating System	qualcomm	qca9888_firmware	-	Yes
Hardware	qualcomm	qca9888	-	No
Operating System	qualcomm	qca9889_firmware	-	Yes
Hardware	qualcomm	qca9889	-	No
Operating System	qualcomm	qcn5021_firmware	-	Yes
Hardware	qualcomm	qcn5021	-	No
Operating System	qualcomm	qcn5022_firmware	-	Yes
Hardware	qualcomm	qcn5022	-	No
Operating System	qualcomm	qcn5024_firmware	-	Yes
Hardware	qualcomm	qcn5024	-	No
Operating System	qualcomm	qcn5052_firmware	-	Yes
Hardware	qualcomm	qcn5052	-	No
Operating System	qualcomm	qcn5054_firmware	-	Yes
Hardware	qualcomm	qcn5054	-	No
Operating System	qualcomm	qcn5064_firmware	-	Yes
Hardware	qualcomm	qcn5064	-	No
Operating System	qualcomm	qcn5121_firmware	-	Yes
Hardware	qualcomm	qcn5121	-	No
Operating System	qualcomm	qcn5122_firmware	-	Yes
Hardware	qualcomm	qcn5122	-	No
Operating System	qualcomm	qcn5124_firmware	-	Yes
Hardware	qualcomm	qcn5124	-	No
Operating System	qualcomm	qcn5152_firmware	-	Yes
Hardware	qualcomm	qcn5152	-	No
Operating System	qualcomm	qcn5154_firmware	-	Yes
Hardware	qualcomm	qcn5154	-	No
Operating System	qualcomm	qcn5164_firmware	-	Yes
Hardware	qualcomm	qcn5164	-	No
Operating System	qualcomm	qcn5550_firmware	-	Yes
Hardware	qualcomm	qcn5550	-	No
Operating System	qualcomm	qcn6023_firmware	-	Yes
Hardware	qualcomm	qcn6023	-	No
Operating System	qualcomm	qcn6024_firmware	-	Yes
Hardware	qualcomm	qcn6024	-	No
Operating System	qualcomm	qcn6100_firmware	-	Yes
Hardware	qualcomm	qcn6100	-	No
Operating System	qualcomm	qcn6102_firmware	-	Yes
Hardware	qualcomm	qcn6102	-	No
Operating System	qualcomm	qcn6112_firmware	-	Yes
Hardware	qualcomm	qcn6112	-	No
Operating System	qualcomm	qcn6122_firmware	-	Yes
Hardware	qualcomm	qcn6122	-	No
Operating System	qualcomm	qcn6132_firmware	-	Yes
Hardware	qualcomm	qcn6132	-	No
Operating System	qualcomm	qcn9000_firmware	-	Yes
Hardware	qualcomm	qcn9000	-	No
Operating System	qualcomm	qcn9012_firmware	-	Yes
Hardware	qualcomm	qcn9012	-	No
Operating System	qualcomm	qcn9022_firmware	-	Yes
Hardware	qualcomm	qcn9022	-	No
Operating System	qualcomm	qcn9024_firmware	-	Yes
Hardware	qualcomm	qcn9024	-	No
Operating System	qualcomm	qcn9070_firmware	-	Yes
Hardware	qualcomm	qcn9070	-	No
Operating System	qualcomm	qcn9072_firmware	-	Yes
Hardware	qualcomm	qcn9072	-	No
Operating System	qualcomm	qcn9074_firmware	-	Yes
Hardware	qualcomm	qcn9074	-	No
Operating System	qualcomm	qcn9100_firmware	-	Yes
Hardware	qualcomm	qcn9100	-	No

References

https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin Vendor Advisory ([email protected])
https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For qualcomm's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.