CVE-2022-25663: Buffer Over-read in WLAN in Qualcomm, Inc. Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
Possible buffer overflow due to lack of buffer length check during management frame Rx handling leads to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity.
AI Analysis
Technical Summary
CVE-2022-25663 is a medium-severity vulnerability identified in various Qualcomm Snapdragon platforms, including Snapdragon Compute, Snapdragon Connectivity, and Snapdragon Consumer Electronics Connectivity products. The root cause is a buffer over-read condition stemming from inadequate buffer length validation during the processing of management frames received over WLAN. Specifically, when the affected Qualcomm WLAN components handle incoming management frames, they fail to properly check the length of the buffer before accessing it, leading to a potential buffer over-read. This vulnerability is classified under CWE-125 (Out-of-bounds Read). The consequence of this flaw is a denial of service (DoS) condition, where the affected device or component could crash or become unresponsive due to the improper memory access.
The CVSS v3.1 base score is 5.5, indicating a medium severity level. The attack vector is local (AV:L), requiring low attack complexity (AC:L) and low privileges (PR:L), but no user interaction (UI:N). The impact affects availability only (A:H), with no confidentiality or integrity impact. No known exploits are currently reported in the wild, and no patches were linked in the provided data, suggesting that remediation may require vendor updates or firmware patches.
The affected versions include a broad range of Qualcomm chipsets and connectivity modules such as AQT1000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA6390, QCA6391, QCA6420, QCA6430, SD 8cx Gen2/Gen3, SD778G, SD7c, SD850, SM6250, and multiple WCD and WCN series components. This vulnerability primarily impacts devices using these Qualcomm components for WLAN connectivity, including laptops, mobile devices, and consumer electronics relying on Snapdragon platforms.
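The length checks whose absence produces this class of over-read, shown as an added example on a constructed 802.11 beacon; this is not Qualcomm's code and does not come from the advisory. The function names, the sample frame and the choice of information-element parsing as the parse site are assumptions, since the advisory does not say which field is affected.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define MGMT_HDR_LEN     24  /* 802.11 management MAC header */
#define BEACON_FIXED_LEN 12  /* timestamp(8) + interval(2) + capability(2) */
enum ie_status { IE_FOUND = 0, IE_ABSENT = -1, IE_MALFORMED = -2 };

/* Hypothetical helper: find information element `id` in a received beacon.
 * Each read is checked against rx_len (bytes delivered), never a frame field. */
enum ie_status find_ie(const uint8_t *rx, size_t rx_len, uint8_t id,
                       const uint8_t **data, uint8_t *data_len)
{
    size_t off = MGMT_HDR_LEN + BEACON_FIXED_LEN;
    if (rx == NULL || rx_len < off)
        return IE_MALFORMED;          /* shorter than header + fixed fields */
    while (off < rx_len) {
        if (rx_len - off < 2)
            return IE_MALFORMED;      /* no room for the id/length pair */
        uint8_t cur_len = rx[off + 1];
        if ((size_t)cur_len > rx_len - off - 2)
            return IE_MALFORMED;      /* element claims bytes past the buffer */
        if (rx[off] == id) {
            *data = rx + off + 2; *data_len = cur_len;
            return IE_FOUND;
        }
        off += 2 + (size_t)cur_len;
    }
    return IE_ABSENT;
}

/* Constructed input: beacon with SSID element (id 0, "lab") followed by an
 * element (id 1) declaring 8 bytes; `present` sets how many really follow. */
size_t build_sample(uint8_t *buf, size_t present)
{
    size_t n = MGMT_HDR_LEN + BEACON_FIXED_LEN;
    for (size_t i = 0; i < n; i++) buf[i] = 0;
    buf[0] = 0x80;                    /* frame control: management, beacon */
    buf[n++] = 0; buf[n++] = 3; buf[n++] = 'l'; buf[n++] = 'a'; buf[n++] = 'b';
    buf[n++] = 1; buf[n++] = 8;
    for (size_t i = 0; i < present; i++) buf[n++] = 0x82;
    return n;
}

int main(void)
{
    uint8_t f[64], l; const uint8_t *d;
    printf("complete:  %d\n", find_ie(f, build_sample(f, 8), 1, &d, &l));
    printf("truncated: %d\n", find_ie(f, build_sample(f, 2), 1, &d, &l));
    return 0;
}
```

A parser that trusts the element's own length byte would read six bytes past the end of the truncated frame; the checked version rejects the frame instead.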
Potential Impact
For European organizations, the primary impact of CVE-2022-25663 is the potential for denial of service on devices employing affected Qualcomm Snapdragon WLAN components. This could manifest as unexpected device crashes, network connectivity interruptions, or degraded performance in critical wireless communications. Organizations relying on Snapdragon-based devices for business operations, remote work, or IoT deployments may experience operational disruptions. Although the vulnerability does not directly compromise confidentiality or integrity, availability impacts can affect productivity and service continuity. In sectors such as finance, healthcare, and critical infrastructure, even temporary WLAN outages can have significant operational consequences. Additionally, the requirement for local access and low privileges means that attackers would need some level of access to the device or network segment, which could be feasible in shared or public environments. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time. European organizations should be aware of this vulnerability when deploying or managing devices with Qualcomm Snapdragon WLAN components, particularly in environments where wireless availability is critical.
Mitigation Recommendations
1. Inventory and Identification: Conduct a thorough inventory of all devices using Qualcomm Snapdragon WLAN components listed as affected. This includes laptops, mobile devices, IoT devices, and embedded systems.
2. Firmware and Driver Updates: Monitor Qualcomm and device vendor advisories for patches or firmware updates addressing CVE-2022-25663. Apply updates promptly once available.
3. Network Segmentation: Limit local access to critical devices by segmenting networks and restricting access to trusted users and devices only, reducing the risk of local exploitation.
4. Access Controls: Enforce strict access controls and endpoint security policies to prevent unauthorized local access or privilege escalation that could be leveraged to exploit this vulnerability.
5. Monitoring and Detection: Implement monitoring for unusual WLAN device behavior, crashes, or connectivity issues that may indicate exploitation attempts.
6. User Awareness: Educate users about the risks of connecting to untrusted wireless networks or devices, as local access is required for exploitation.
7. Vendor Coordination: Engage with device manufacturers and Qualcomm for timely information on patches and mitigation strategies.
8. Temporary Workarounds: If patches are unavailable, consider disabling WLAN management frame processing features or using alternative network interfaces where feasible to reduce exposure.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: qualcomm
- Date Reserved: 2022-02-22T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fa1484d88663aec44d
Added to database: 5/20/2025, 6:59:06 PM
Last enriched: 7/4/2025, 7:25:20 PM
Last updated: 8/12/2025, 4:31:36 PM