
CVE-2022-25736: Buffer Over-read in WLAN in Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

High
Published: Wed Oct 19 2022 (10/19/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: Qualcomm, Inc.
Product: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Description

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

AI-Powered Analysis

Last updated: 07/05/2025, 02:27:59 UTC

Technical Analysis

CVE-2022-25736 is a high-severity vulnerability classified as a buffer over-read (CWE-125) affecting a broad range of Qualcomm Snapdragon platforms, including Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables, and Wired Infrastructure and Networking products.

The vulnerability arises from an out-of-bounds read occurring during the processing of Very High Throughput (VHT) action frames within the WLAN (Wireless Local Area Network) component of these Snapdragon chipsets. Specifically, when the WLAN subsystem processes malformed or malicious VHT action frames, it may read memory beyond the allocated buffer boundaries. This can lead to a denial of service (DoS) condition, causing the affected device or system to crash or become unresponsive. The vulnerability does not impact confidentiality or integrity directly but affects availability by disrupting WLAN functionality.

The CVSS v3.1 base score is 7.5 (high), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality or integrity impact (C:N/I:N), and high availability impact (A:H).

The affected versions cover a wide range of Qualcomm chipsets and modules, including many popular Snapdragon mobile SoCs (e.g., SD 8 Gen1 5G, SD 888, SD 865 5G), IoT modules, automotive platforms, and connectivity chips. No known exploits in the wild have been reported to date, and no official patches are linked in the provided data, suggesting that mitigation may rely on vendor firmware updates or network-level protections.

The vulnerability is significant due to the extensive deployment of Qualcomm Snapdragon chipsets in consumer electronics, mobile devices, automotive systems, and IoT devices worldwide. Attackers can exploit this remotely over the network without authentication or user interaction, increasing the risk of widespread disruption.

Potential Impact

For European organizations, the impact of CVE-2022-25736 can be substantial, especially for sectors relying heavily on Qualcomm Snapdragon-based devices and infrastructure. Mobile devices using Snapdragon chipsets are ubiquitous among employees, and many IoT deployments in industrial, automotive, and consumer environments utilize affected Qualcomm modules. A successful exploitation could lead to denial of service of WLAN connectivity, disrupting business operations, communications, and critical IoT functions. In automotive contexts, affected Snapdragon Auto platforms could experience connectivity failures, potentially impacting vehicle telematics, infotainment, or safety-related communications. Industrial IoT deployments relying on Snapdragon Industrial IoT modules may face operational downtime or degraded monitoring and control capabilities.

The lack of confidentiality or integrity impact reduces risks of data breaches, but the availability disruption can affect productivity, safety, and service continuity. Given the remote, unauthenticated nature of the exploit, attackers could launch denial of service attacks from within wireless range or through compromised network segments, posing risks to enterprise Wi-Fi networks and connected devices. Organizations with large deployments of Qualcomm-based devices, especially in critical infrastructure, automotive fleets, or IoT ecosystems, should consider this vulnerability a high priority for mitigation to avoid operational disruptions.

Mitigation Recommendations

1. Firmware and Software Updates: Organizations should monitor Qualcomm and device vendors for firmware or software patches addressing CVE-2022-25736 and apply them promptly across all affected devices and platforms.
2. Network Segmentation: Segment wireless networks to isolate critical systems and reduce the attack surface. Limit WLAN access to trusted devices and users only.
3. Wireless Intrusion Detection and Prevention Systems (WIDS/WIPS): Deploy WIDS/WIPS solutions capable of detecting and blocking malformed or suspicious VHT action frames to prevent exploitation attempts.
4. Access Control: Enforce strong authentication and authorization controls on WLAN access points to prevent unauthorized devices from connecting and sending malicious frames.
5. Monitoring and Logging: Enable detailed logging of WLAN activity and monitor for anomalies or repeated malformed frame transmissions indicative of exploitation attempts.
6. Device Inventory and Risk Assessment: Maintain an up-to-date inventory of all Qualcomm Snapdragon-based devices and assess exposure to this vulnerability to prioritize remediation efforts.
7. Vendor Coordination: Engage with device manufacturers and Qualcomm for guidance, patches, and best practices specific to affected products.
8. Temporary Workarounds: Where patches are unavailable, consider disabling vulnerable WLAN features or restricting network protocols that process VHT action frames if feasible without impacting business operations.
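The class of check that the Technical Analysis (CWE-125) and recommendations 3 and 5 rely on, as an added example: it is not Qualcomm's code and not the vendor fix, and the page does not say which field is over-read. The function names are hypothetical, and the category, action values and fixed field sizes are taken from IEEE 802.11ac, not from this advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Value from IEEE 802.11ac (assumption, not from the advisory):
 * Action category 21 is VHT. */
#define CAT_VHT 21

enum vht_result { VHT_OK, VHT_NOT_VHT, VHT_TRUNCATED, VHT_UNKNOWN_ACTION };

/* Minimum number of octets that must follow the Category and Action
 * octets before any fixed field of that action may be read. */
static const size_t vht_min_payload[] = {
    3,      /* 0: Compressed Beamforming, VHT MIMO Control (3) */
    8 + 16, /* 1: Group ID Management, Membership Status + User Position */
    1,      /* 2: Operating Mode Notification, Operating Mode (1) */
};

/* body points at the Action frame body (after the MAC header);
 * len is the number of octets actually received. */
enum vht_result vht_action_check(const uint8_t *body, size_t len)
{
    if (body == NULL || len < 2)
        return VHT_TRUNCATED;      /* cannot even read Category/Action */
    if (body[0] != CAT_VHT)
        return VHT_NOT_VHT;
    if (body[1] >= sizeof vht_min_payload / sizeof vht_min_payload[0])
        return VHT_UNKNOWN_ACTION;
    if (len - 2 < vht_min_payload[body[1]])
        return VHT_TRUNCATED;      /* fixed fields would be read out of bounds */
    return VHT_OK;
}

/* Reads the Operating Mode octet only after the length check passes. */
int vht_operating_mode(const uint8_t *body, size_t len, uint8_t *mode)
{
    if (vht_action_check(body, len) != VHT_OK || body[1] != 2)
        return -1;
    *mode = body[2];
    return 0;
}

int main(void)
{
    /* Constructed samples, not captured traffic. */
    const uint8_t ok[]   = { 21, 2, 0x12 };
    const uint8_t shrt[] = { 21, 1, 0, 0, 0, 0 }; /* Group ID frame cut short */
    printf("%d %d\n", vht_action_check(ok, sizeof ok),
           vht_action_check(shrt, sizeof shrt));
    return 0;
}
```

A monitoring sensor can log every frame for which `vht_action_check` returns `VHT_TRUNCATED`; a receive path would drop the frame at the same point instead of parsing it.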


Technical Details

Data Version: 5.1
Assigner Short Name: qualcomm
Date Reserved: 2022-02-22T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9817c4522896dcbd79d6

Added to database: 5/21/2025, 9:08:39 AM

Last enriched: 7/5/2025, 2:27:59 AM

Last updated: 8/19/2025, 1:06:55 AM
