CVE-2022-25702 [High] | Denial of Service in Apq8009 Firmware

CVE-2022-25702 is rated Moderate Risk (50.3/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.36%). Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-03-17	0.26%	0.36%	+0.10%
2	2026-01-05	0.45%	0.26%	-0.18%
3	2025-12-16	—	0.45%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-03-17

0.26%

0.36%

+0.10%

2026-01-05

0.45%

0.26%

-0.18%

2025-12-16

—

0.45%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	3.1	HIGH	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:N) Could be attacked over the internet or any normal routed network—not just someone sitting at the machine. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	3.9	3.6	[email protected]
7.5	3.1	HIGH	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:N) Could be attacked over the internet or any normal routed network—not just someone sitting at the machine. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	3.9	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.5

3.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:N): Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

3.9

3.6

[email protected]

7.5

3.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:N): Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

3.9

3.6

[email protected]

Affected software / configurations for CVE-2022-25702

Vendor	Product	Version	Raw CPE
qualcomm	apq8009_firmware	—	cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::*
qualcomm	apq8017_firmware	—	cpe:2.3:o:qualcomm:apq8017_firmware:-:::::::*
qualcomm	apq8037_firmware	—	cpe:2.3:o:qualcomm:apq8037_firmware:-:::::::*
qualcomm	aqt1000_firmware	—	cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::*
qualcomm	ar8035_firmware	—	cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::*
qualcomm	fsm10055_firmware	—	cpe:2.3:o:qualcomm:fsm10055_firmware:-:::::::*
qualcomm	msm8108_firmware	—	cpe:2.3:o:qualcomm:msm8108_firmware:-:::::::*
qualcomm	msm8208_firmware	—	cpe:2.3:o:qualcomm:msm8208_firmware:-:::::::*
qualcomm	msm8209_firmware	—	cpe:2.3:o:qualcomm:msm8209_firmware:-:::::::*
qualcomm	msm8608_firmware	—	cpe:2.3:o:qualcomm:msm8608_firmware:-:::::::*
qualcomm	msm8917_firmware	—	cpe:2.3:o:qualcomm:msm8917_firmware:-:::::::*
qualcomm	msm8937_firmware	—	cpe:2.3:o:qualcomm:msm8937_firmware:-:::::::*
qualcomm	qca6390_firmware	—	cpe:2.3:o:qualcomm:qca6390_firmware:-:::::::*
qualcomm	qca6391_firmware	—	cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::*
qualcomm	qca6421_firmware	—	cpe:2.3:o:qualcomm:qca6421_firmware:-:::::::*
qualcomm	qca6426_firmware	—	cpe:2.3:o:qualcomm:qca6426_firmware:-:::::::*
qualcomm	qca6431_firmware	—	cpe:2.3:o:qualcomm:qca6431_firmware:-:::::::*
qualcomm	qca6436_firmware	—	cpe:2.3:o:qualcomm:qca6436_firmware:-:::::::*
qualcomm	qca8081_firmware	—	cpe:2.3:o:qualcomm:qca8081_firmware:-:::::::*
qualcomm	qca8337_firmware	—	cpe:2.3:o:qualcomm:qca8337_firmware:-:::::::*
qualcomm	qcn6024_firmware	—	cpe:2.3:o:qualcomm:qcn6024_firmware:-:::::::*
qualcomm	qcn9024_firmware	—	cpe:2.3:o:qualcomm:qcn9024_firmware:-:::::::*
qualcomm	qcx315_firmware	—	cpe:2.3:o:qualcomm:qcx315_firmware:-:::::::*
qualcomm	sa515m_firmware	—	cpe:2.3:o:qualcomm:sa515m_firmware:-:::::::*
qualcomm	sd_8_gen1_5g_firmware	—	cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::*
qualcomm	sd205_firmware	—	cpe:2.3:o:qualcomm:sd205_firmware:-:::::::*
qualcomm	sd210_firmware	—	cpe:2.3:o:qualcomm:sd210_firmware:-:::::::*
qualcomm	sd429_firmware	—	cpe:2.3:o:qualcomm:sd429_firmware:-:::::::*
qualcomm	sd439_firmware	—	cpe:2.3:o:qualcomm:sd439_firmware:-:::::::*
qualcomm	sd480_firmware	—	cpe:2.3:o:qualcomm:sd480_firmware:-:::::::*
qualcomm	sd690_5g_firmware	—	cpe:2.3:o:qualcomm:sd690_5g_firmware:-:::::::*
qualcomm	sd695_firmware	—	cpe:2.3:o:qualcomm:sd695_firmware:-:::::::*
qualcomm	sd750g_firmware	—	cpe:2.3:o:qualcomm:sd750g_firmware:-:::::::*
qualcomm	sd765_firmware	—	cpe:2.3:o:qualcomm:sd765_firmware:-:::::::*
qualcomm	sd765g_firmware	—	cpe:2.3:o:qualcomm:sd765g_firmware:-:::::::*
qualcomm	sd768g_firmware	—	cpe:2.3:o:qualcomm:sd768g_firmware:-:::::::*
qualcomm	sd780g_firmware	—	cpe:2.3:o:qualcomm:sd780g_firmware:-:::::::*
qualcomm	sd855_firmware	—	cpe:2.3:o:qualcomm:sd855_firmware:-:::::::*
qualcomm	sd865_5g_firmware	—	cpe:2.3:o:qualcomm:sd865_5g_firmware:-:::::::*
qualcomm	sd870_firmware	—	cpe:2.3:o:qualcomm:sd870_firmware:-:::::::*
qualcomm	sd888_firmware	—	cpe:2.3:o:qualcomm:sd888_firmware:-:::::::*
qualcomm	sda429w_firmware	—	cpe:2.3:o:qualcomm:sda429w_firmware:-:::::::*
qualcomm	sdm429w_firmware	—	cpe:2.3:o:qualcomm:sdm429w_firmware:-:::::::*
qualcomm	sdx50m_firmware	—	cpe:2.3:o:qualcomm:sdx50m_firmware:-:::::::*
qualcomm	sdx55_firmware	—	cpe:2.3:o:qualcomm:sdx55_firmware:-:::::::*
qualcomm	sdx55m_firmware	—	cpe:2.3:o:qualcomm:sdx55m_firmware:-:::::::*
qualcomm	sdx65_firmware	—	cpe:2.3:o:qualcomm:sdx65_firmware:-:::::::*
qualcomm	sdxr2_5g_firmware	—	cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:::::::*
qualcomm	sm4375_firmware	—	cpe:2.3:o:qualcomm:sm4375_firmware:-:::::::*
qualcomm	sm7250p_firmware	—	cpe:2.3:o:qualcomm:sm7250p_firmware:-:::::::*
qualcomm	sm7315_firmware	—	cpe:2.3:o:qualcomm:sm7315_firmware:-:::::::*
qualcomm	wcd9326_firmware	—	cpe:2.3:o:qualcomm:wcd9326_firmware:-:::::::*
qualcomm	wcd9340_firmware	—	cpe:2.3:o:qualcomm:wcd9340_firmware:-:::::::*
qualcomm	wcd9341_firmware	—	cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::*
qualcomm	wcd9370_firmware	—	cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::*
qualcomm	wcd9375_firmware	—	cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::*
qualcomm	wcd9380_firmware	—	cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9385_firmware	—	cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*
qualcomm	wcn3610_firmware	—	cpe:2.3:o:qualcomm:wcn3610_firmware:-:::::::*
qualcomm	wcn3615_firmware	—	cpe:2.3:o:qualcomm:wcn3615_firmware:-:::::::*
qualcomm	wcn3620_firmware	—	cpe:2.3:o:qualcomm:wcn3620_firmware:-:::::::*
qualcomm	wcn3660b_firmware	—	cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::*
qualcomm	wcn3680b_firmware	—	cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::*
qualcomm	wcn3980_firmware	—	cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::*
qualcomm	wcn3988_firmware	—	cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::*
qualcomm	wcn3991_firmware	—	cpe:2.3:o:qualcomm:wcn3991_firmware:-:::::::*
qualcomm	wcn3998_firmware	—	cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::*
qualcomm	wcn6740_firmware	—	cpe:2.3:o:qualcomm:wcn6740_firmware:-:::::::*
qualcomm	wcn6750_firmware	—	cpe:2.3:o:qualcomm:wcn6750_firmware:-:::::::*
qualcomm	wcn6850_firmware	—	cpe:2.3:o:qualcomm:wcn6850_firmware:-:::::::*
qualcomm	wcn6851_firmware	—	cpe:2.3:o:qualcomm:wcn6851_firmware:-:::::::*
qualcomm	wcn6855_firmware	—	cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
qualcomm	wcn6856_firmware	—	cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::*
qualcomm	wcn7850_firmware	—	cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::*
qualcomm	wcn7851_firmware	—	cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::*
qualcomm	wsa8810_firmware	—	cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*
qualcomm	wsa8815_firmware	—	cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*
qualcomm	wsa8830_firmware	—	cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8835_firmware	—	cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*

References for CVE-2022-25702

URL	Tags
https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin	Vendor Advisory

URL

CVE-2022-25702

Exploit prediction scoring system (EPSS) score for CVE-2022-25702

Common vulnerability scoring system (CVSS) metrics for CVE-2022-25702

Weakness enumeration for CVE-2022-25702

Affected software / configurations for CVE-2022-25702

References for CVE-2022-25702