<\/p>\n
<\/iframe><\/p>\n<p>Twelve new <a href=\"https:\/\/www.securitynewspaper.com\/2022\/04\/21\/two-out-of-three-android-smartphones-sold-in-2021-could-easily-be-hacked-through-an-audio-file-to-exploit-vulnerabilities-in-qualcomm-and-mediatek-chipsets\/\" target=\"_blank\" rel=\"noreferrer noopener\">security<\/a> flaws impacting various chipsets were disclosed in this month\u2019s security advisory for Qualcomm\u2019s devices, two of which have been given a critical severity rating. Two significant flaws in <a href=\"https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2022-bulletin.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Qualcomm<\/a> chipsets have been identified that might allow malicious payloads to installed remotely on the Android devices.<\/p>\n<p>The first vulnerability, identified as CVE-2022\u201325748 (CVSS score 9.8), affects Qualcomm\u2019s WLAN component and is described as a \u201cInteger Overflow to Buffer Overflow during parsing GTK frames\u201d. If exploited, this issue might result in memory corruption and remote code execution. This vulnerability impact all smart devices that use the Qualcomm Snapdragon APQ, CSRA, IPQ, MDM, MSM, QCA, WSA, WCN, WCD, SW, SM, SDX, SD, SA, QRB, QCS, QCN, and more series.<\/p>\n<p>The second vulnerability, identified as CVE-2022\u201325718 (CVSS score 9.1), also affects Qualcomm\u2019s WLAN component and is described as a \u201cCryptographic issue in WLAN due to improper check on return value while authentication handshake\u201d. If exploited, this issue might result in memory corruption and remote code execution. This vulnerability impact all smart devices that use the Qualcomm Snapdragon APQ, CSRA, IPQ, MDM, MSM, QCA, WSA, WCN, WCD, SW, SM, SDX, SD, SA, QRB, QCS, QCN, and more series.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Twelve new security flaws impacting various chipsets were disclosed in this month\u2019s security advisory for Qualcomm\u2019s devices, two of which have been given a critical severity rating. Two significant flaws in Qualcomm chipsets have been identified that might allow malicious payloads to installed remotely on the Android devices. The first vulnerability, identified as CVE-2022\u201325748 (CVSS [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1512,1492],"tags":[],"class_list":["post-147669","post","type-post","status-publish","format-standard","hentry","category-mobile-phones","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/147669","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=147669"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/147669\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=147669"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=147669"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=147669"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}