CVE-2022-22091

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables (affected versions not specified)

Description The issue is related to improper authorization of a replayed LTE security mode command, which can lead to a denial of service. This can be exploited by a remote attacker by sending specially crafted packets, potentially causing a denial of service. The vulnerability is associated with deficiencies in the authorization procedure when handling the securityModeCommand parameter in Qualcomm's LTE technology implementation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.