What is the severity of CVE-2022-25698?

The severity of CVE-2022-25698 is high with a CVSS score of 7.8.

Which devices are affected by CVE-2022-25698?

Devices running Snapdragon Mobile or Snapdragon Wearables with specific firmware versions are affected.

How does CVE-2022-25698 impact the affected devices?

CVE-2022-25698 can lead to memory corruption in SPI buses, potentially resulting in security vulnerabilities or system instability.

How can I fix CVE-2022-25698?

To fix CVE-2022-25698, it is recommended to apply the security updates provided by Qualcomm or Google and follow the guidelines given in the referenced bulletins.

Where can I find more information about CVE-2022-25698?

You can find more information about CVE-2022-25698 in the December 2022 bulletin from Qualcomm and the associated Android Security Bulletin for December 2022.

Vulnerability/
CVE-2022-25698

high

8.4

CWE

787 20

5/12/2022

13/12/2022

3/8/2024

CVE-2022-25698: Input Validation

First published: Mon Dec 05 2022(Updated: )

Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Google Android
Qualcomm Sm8475
Google Android
Google Android
Qualcomm Sda429w Firmware
Google Android
Qualcomm Sdm429w Firmware
Qualcomm Sdm429w
Google Android
Google Android
Qualcomm Wcn3610 Firmware
Google Android
Google Android
Qualcomm Wcn3620
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Qualcomm Wcn6855 Firmware
Google Android
Google Android
Google Android
Qualcomm Wcn7850 Firmware
Google Android
Google Android
Qualcomm Wcn7851
Google Android
Google Android
Google Android
Google Android
Google Android

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-25698?
The severity of CVE-2022-25698 is high with a CVSS score of 7.8.
Which devices are affected by CVE-2022-25698?
Devices running Snapdragon Mobile or Snapdragon Wearables with specific firmware versions are affected.
How does CVE-2022-25698 impact the affected devices?
CVE-2022-25698 can lead to memory corruption in SPI buses, potentially resulting in security vulnerabilities or system instability.
How can I fix CVE-2022-25698?
To fix CVE-2022-25698, it is recommended to apply the security updates provided by Qualcomm or Google and follow the guidelines given in the referenced bulletins.
Where can I find more information about CVE-2022-25698?
You can find more information about CVE-2022-25698 in the December 2022 bulletin from Qualcomm and the associated Android Security Bulletin for December 2022.

collector/nvd-index
agent/type
agent/first-publish-date
agent/softwarecombine
collector/android-source
source/Android
agent/software-canonical-lookup
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/references
agent/tags
agent/description
agent/event
collector/mitre-cve
source/MITRE
vendor/qualcomm
canonical/google android
canonical/qualcomm sm8475
canonical/qualcomm sda429w firmware
canonical/qualcomm sdm429w firmware
canonical/qualcomm sdm429w
canonical/qualcomm wcn3610 firmware
canonical/qualcomm wcn3620
canonical/qualcomm wcn6855 firmware
canonical/qualcomm wcn7850 firmware
canonical/qualcomm wcn7851
vendor/google

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.