Sign-up

ID

VAR-202212-0660


CVE

CVE-2022-25702


TITLE

Reachable Assertion Vulnerability in Multiple Qualcomm Products

Trust: 0.8

sources: JVNDB: JVNDB-2022-023283

DESCRIPTION

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. APQ8009 firmware, APQ8017 firmware, APQ8037 Multiple Qualcomm products, such as firmware, contain a reachable assertion vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2022-25702 // JVNDB: JVNDB-2022-023283

AFFECTED PRODUCTS

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fsm10055scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8209scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm4375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8037scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd695scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8608scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8108scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcx315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8208scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx65scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca8081scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fsm10055scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8208scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6436scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8108scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6421scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6391scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6390scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8037scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8209scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8608scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6426scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6431scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8917scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca8337scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8937scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-023283 // NVD: CVE-2022-25702

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-25702
value: HIGH

Trust: 1.8

product-security@qualcomm.com: CVE-2022-25702
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202212-2260
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-25702
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023283 // NVD: CVE-2022-25702 // NVD: CVE-2022-25702 // CNNVD: CNNVD-202212-2260

PROBLEMTYPE DATA

problemtype:CWE-617

Trust: 1.0

problemtype:Reachable assertions (CWE-617) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-023283 // NVD: CVE-2022-25702

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-2260

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-2260

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-25702

PATCH
title:Google Pixel Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=217667
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202212-2260

EXTERNAL IDS
db:NVDid:CVE-2022-25702
Trust: 3.2
db:JVNDBid:JVNDB-2022-023283
Trust: 0.8
db:CNNVDid:CNNVD-202212-2260
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2022-023283 // 
            
            
            
            NVD: CVE-2022-25702 // 
            
            
            
            CNNVD: CNNVD-202212-2260

REFERENCES
url:https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-25702
Trust: 0.8
url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2022-40023
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-25702/
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2022-023283 // 
            
            
            
            NVD: CVE-2022-25702 // 
            
            
            
            CNNVD: CNNVD-202212-2260

SOURCES
db:JVNDBid:JVNDB-2022-023283
db:NVDid:CVE-2022-25702
db:CNNVDid:CNNVD-202212-2260

LAST UPDATE DATE
2023-12-18T11:55:18.262000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2022-023283date:2023-11-28T03:13:00
db:NVDid:CVE-2022-25702date:2023-04-19T17:10:55.030
db:CNNVDid:CNNVD-202212-2260date:2022-12-16T00:00:00

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2022-023283date:2023-11-28T00:00:00
db:NVDid:CVE-2022-25702date:2022-12-13T16:15:18.620
db:CNNVDid:CNNVD-202212-2260date:2022-12-05T00:00:00