CVE-2022-40525

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-40525
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6005:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5121:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*
History

12 Apr 2024, 17:16

Type Values Removed Values Added
CWE CWE-200

10 Jun 2023, 02:07

Type Values Removed Values Added
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE CWE-668
CPE cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5121:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6005:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*

06 Jun 2023, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-06-06 08:15

Updated : 2024-04-12 17:16

NVD link : CVE-2022-40525

Mitre link : CVE-2022-40525

CVE.ORG link : CVE-2022-40525

JSON object : View

Products Affected

qualcomm

  • ipq9574_firmware
  • ipq6018
  • qca8386_firmware
  • qcn5152_firmware
  • qcn9070
  • qcn9274_firmware
  • qca8072_firmware
  • qcn9000_firmware
  • qcn5022_firmware
  • ipq9008_firmware
  • qcn5022
  • qca4024
  • qca8075
  • qcn9074_firmware
  • csr8811
  • csr8811_firmware
  • qca8081_firmware
  • qcn5152
  • qcn6024_firmware
  • qca4024_firmware
  • qcn9024_firmware
  • qcn9022
  • qcn5121_firmware
  • qcn5052_firmware
  • qcn9070_firmware
  • ipq9574
  • qcn5122
  • qcn9072
  • qcn9000
  • qcn9074
  • ipq6005
  • qca8082_firmware
  • qca8386
  • ipq6010
  • qca8084_firmware
  • qcn6023
  • qcn9274
  • qcn5052
  • qcn9022_firmware
  • qca8085
  • ipq6018_firmware
  • qca8072
  • qcn9024
  • ipq6010_firmware
  • ipq6028
  • qca8082
  • qcn6023_firmware
  • ipq6000
  • ipq9008
  • qca8075_firmware
  • ipq6028_firmware
  • qca8081
  • qcn5021
  • qca8084
  • qcn9072_firmware
  • qca8085_firmware
  • ipq6005_firmware
  • ipq6000_firmware
  • qcn6024
  • qcn5122_firmware
  • qcn5121
  • qcn5021_firmware
CWE
CWE-668

Exposure of Resource to Wrong Sphere

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor