CVE-2022-25673: Reachable Assertion in MODEM in Qualcomm, Inc. Snapdragon Mobile
Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile
AI Analysis
Technical Summary
CVE-2022-25673 is a medium-severity vulnerability identified in the modem components of Qualcomm Snapdragon Mobile chipsets. The flaw is classified as a reachable assertion failure (CWE-617), which occurs when the modem processes configuration data received from the network. Specifically, the modem's internal logic encounters an assertion condition that can be triggered remotely by crafted network configuration inputs, causing the assertion to fail and leading to a denial of service (DoS) condition. This vulnerability affects a broad range of Qualcomm products, including various wireless connectivity chips and Snapdragon SoCs such as SD 8 Gen1 5G and SDX65, as well as multiple wireless connectivity modules (e.g., WCN6855, WCN7850). The assertion failure disrupts the modem's normal operation, potentially causing the device to lose cellular connectivity or require a reboot to restore functionality. No known exploits have been reported in the wild, and no patches have been publicly released as of the publication date. The vulnerability does not require user interaction but can be triggered remotely by the network, which increases the risk of exploitation in environments where attackers can influence network configuration messages. The underlying cause is a logic flaw in handling network configuration inputs, which leads to an unexpected assertion being reached during processing, halting modem operations.
Potential Impact
For European organizations, the impact of this vulnerability primarily revolves around availability and operational continuity. Devices using affected Qualcomm Snapdragon Mobile chipsets are widely deployed in smartphones, IoT devices, and embedded systems. A successful exploitation could cause temporary loss of cellular connectivity, disrupting communication channels critical for business operations, especially for sectors relying on mobile networks for data transmission, such as logistics, emergency services, and remote monitoring. The denial of service could also affect critical infrastructure components that utilize cellular modems for telemetry or control, potentially leading to operational delays or safety risks. While confidentiality and integrity are not directly impacted, the loss of availability can have cascading effects on business processes and service delivery. The lack of known exploits reduces immediate risk, but the broad deployment of affected chipsets across consumer and industrial devices in Europe means that a weaponized exploit could have widespread consequences. Additionally, the vulnerability could be leveraged in targeted attacks against high-value organizations or critical infrastructure, particularly in scenarios where attackers have network-level access or can manipulate network configuration messages.
Mitigation Recommendations
Given the absence of publicly available patches, European organizations should implement specific mitigations beyond generic advice. First, network operators and device administrators should monitor and filter network configuration messages to detect and block malformed or suspicious inputs that could trigger the assertion failure. Deploying intrusion detection systems (IDS) with signatures tuned to anomalous modem configuration traffic can help identify exploitation attempts. Organizations should prioritize updating device firmware and software as soon as Qualcomm or device manufacturers release patches addressing this vulnerability. For critical systems, consider deploying redundant communication paths or failover mechanisms to maintain connectivity in case of modem failure. Device vendors and integrators should review their modem configuration handling and implement additional validation and error handling to prevent assertion triggers. Additionally, organizations should conduct risk assessments to identify devices using affected chipsets and evaluate their exposure, especially in environments with untrusted or semi-trusted network access. Network segmentation and strict access controls can limit the ability of attackers to send malicious configuration messages to vulnerable devices. Finally, maintaining up-to-date asset inventories and collaborating with mobile network providers can enhance situational awareness and response capabilities.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
CVE-2022-25673: Reachable Assertion in MODEM in Qualcomm, Inc. Snapdragon Mobile
Description
Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile
AI-Powered Analysis
Technical Analysis
CVE-2022-25673 is a medium-severity vulnerability identified in the modem components of Qualcomm Snapdragon Mobile chipsets. The flaw is classified as a reachable assertion failure (CWE-617), which occurs when the modem processes configuration data received from the network. Specifically, the modem's internal logic encounters an assertion condition that can be triggered remotely by crafted network configuration inputs, causing the assertion to fail and leading to a denial of service (DoS) condition. This vulnerability affects a broad range of Qualcomm products, including various wireless connectivity chips and Snapdragon SoCs such as SD 8 Gen1 5G and SDX65, as well as multiple wireless connectivity modules (e.g., WCN6855, WCN7850). The assertion failure disrupts the modem's normal operation, potentially causing the device to lose cellular connectivity or require a reboot to restore functionality. No known exploits have been reported in the wild, and no patches have been publicly released as of the publication date. The vulnerability does not require user interaction but can be triggered remotely by the network, which increases the risk of exploitation in environments where attackers can influence network configuration messages. The underlying cause is a logic flaw in handling network configuration inputs, which leads to an unexpected assertion being reached during processing, halting modem operations.
Potential Impact
For European organizations, the impact of this vulnerability primarily revolves around availability and operational continuity. Devices using affected Qualcomm Snapdragon Mobile chipsets are widely deployed in smartphones, IoT devices, and embedded systems. A successful exploitation could cause temporary loss of cellular connectivity, disrupting communication channels critical for business operations, especially for sectors relying on mobile networks for data transmission, such as logistics, emergency services, and remote monitoring. The denial of service could also affect critical infrastructure components that utilize cellular modems for telemetry or control, potentially leading to operational delays or safety risks. While confidentiality and integrity are not directly impacted, the loss of availability can have cascading effects on business processes and service delivery. The lack of known exploits reduces immediate risk, but the broad deployment of affected chipsets across consumer and industrial devices in Europe means that a weaponized exploit could have widespread consequences. Additionally, the vulnerability could be leveraged in targeted attacks against high-value organizations or critical infrastructure, particularly in scenarios where attackers have network-level access or can manipulate network configuration messages.
Mitigation Recommendations
Given the absence of publicly available patches, European organizations should implement specific mitigations beyond generic advice. First, network operators and device administrators should monitor and filter network configuration messages to detect and block malformed or suspicious inputs that could trigger the assertion failure. Deploying intrusion detection systems (IDS) with signatures tuned to anomalous modem configuration traffic can help identify exploitation attempts. Organizations should prioritize updating device firmware and software as soon as Qualcomm or device manufacturers release patches addressing this vulnerability. For critical systems, consider deploying redundant communication paths or failover mechanisms to maintain connectivity in case of modem failure. Device vendors and integrators should review their modem configuration handling and implement additional validation and error handling to prevent assertion triggers. Additionally, organizations should conduct risk assessments to identify devices using affected chipsets and evaluate their exposure, especially in environments with untrusted or semi-trusted network access. Network segmentation and strict access controls can limit the ability of attackers to send malicious configuration messages to vulnerable devices. Finally, maintaining up-to-date asset inventories and collaborating with mobile network providers can enhance situational awareness and response capabilities.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- qualcomm
- Date Reserved
- 2022-02-22T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9849c4522896dcbf6c03
Added to database: 5/21/2025, 9:09:29 AM
Last enriched: 6/21/2025, 9:39:42 PM
Last updated: 8/15/2025, 9:32:41 AM
Views: 15
Related Threats
CVE-2025-36088: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in IBM Storage TS4500 Library
MediumCVE-2025-43490: CWE-59 Improper Link Resolution Before File Access ('Link Following') in HP, Inc. HP Hotkey Support Software
MediumCVE-2025-9060: CWE-20 Improper Input Validation in MSoft MFlash
CriticalCVE-2025-8675: CWE-918 Server-Side Request Forgery (SSRF) in Drupal AI SEO Link Advisor
MediumCVE-2025-8362: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Drupal GoogleTag Manager
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.