CVE-2022-25674

Summary

Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicAR8031affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicCSRA6620affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicCSRA6640affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM9205affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4004affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4010affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4020affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4024affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCS405affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCD9306affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCD9335affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3980affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3998affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3999affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWSA8810affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWSA8815affected

Weaknesses

  • Cryptographic Issues in WLAN

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References