#VU69962 Reachable Assertion in Qualcomm products - CVE-2022-25675
Published: December 6, 2022
Vulnerability identifier: #VU69962
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-25675
CWE-ID: CWE-617
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
AQT1000
QCA6310
QCA6320
QCA6390
QCA6391
QCA6420
QCA6430
QCM6490
QCS6490
QCX315
SD480
SD690 5G
SD695
SD765
SD765G
SD768G
SD778G
SD780G
SD865 5G
SD870
SD888 5G
SDX55M
SDX65
SM7250P
SM7325P
WCD9335
WCD9340
WCD9341
WCD9370
WCD9375
WCD9380
WCD9385
WCN3988
WCN3990
WCN3991
WCN3998
WCN6740
WCN6750
WCN6850
WCN6851
WCN6855
WCN6856
WSA8810
WSA8815
WSA8830
WSA8835
SD835
SD855
SDX55
AQT1000
QCA6310
QCA6320
QCA6390
QCA6391
QCA6420
QCA6430
QCM6490
QCS6490
QCX315
SD480
SD690 5G
SD695
SD765
SD765G
SD768G
SD778G
SD780G
SD865 5G
SD870
SD888 5G
SDX55M
SDX65
SM7250P
SM7325P
WCD9335
WCD9340
WCD9341
WCD9370
WCD9375
WCD9380
WCD9385
WCN3988
WCN3990
WCN3991
WCN3998
WCN6740
WCN6750
WCN6850
WCN6851
WCN6855
WCN6856
WSA8810
WSA8815
WSA8830
WSA8835
SD835
SD855
SDX55
Software vendor:
Qualcomm
Qualcomm
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the Modem component when processing filter rule from application client. A remote attacker can send specially crafted data to the device and perform a denial of service (DoS) attack.Remediation
Install updates from vendor's website.