CVE-2022-40525 HIGH

CVE-2022-40525: Information Exposure in Linux Networking Firmware

Vendor Qualcomm, Inc.
Product Snapdragon
Weakness CWE-200 · Info exposure
Published June 6, 2023
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

Key dates

02Disclosure timeline

June 6, 2023 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-12468 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Unauthenticated Sensitive Information Exposure CVE-2026-34839 Glances Vulnerable to Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS CVE-2023-38700 matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms CVE-2025-30218 Next.js may leak x-middleware-subrequest-id to external hosts CVE-2021-3798