CVE-2022-25674
Medium
Published: 15 November 2022
Published
15 November 2022
Modified
21 November 2024
KEV Added
—
Patch
—
CVSS Score v3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS Score
0.0036
58.5th percentile
Risk Priority
13
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2022-25674 is a medium-severity an unspecified weakness vulnerability in Qualcomm Ar8031 Firmware. Its CVSS base score is 6.5 (Medium).
Operationally, ranked in the top 41.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-30329
Vulnerability details
Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
qualcomm
ar8031 firmware
all versions
qualcomm
csra6620 firmware
all versions
qualcomm
csra6640 firmware
all versions
qualcomm
mdm9205 firmware
all versions
qualcomm
qca4004 firmware
all versions
qualcomm
qca4010 firmware
all versions
qualcomm
qca4020 firmware
all versions
qualcomm
qca4024 firmware
all versions
qualcomm
qcs405 firmware
all versions
qualcomm
wcd9306 firmware
all versions
+6 more product configuration(s) — see NVD for full list
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.