What is CVE-2022-22071?

A high-severity use-after-free vulnerability exists in Qualcomm's multiple chipsets, affecting various products. Organizations are urged to apply patches immediately to mitigate potential risks.

What is the severity of CVE-2022-22071?

CVE-2022-22071 has a severity rating of HIGH with a CVSS base score of 8.4.

Is CVE-2022-22071 in CISA KEV?

Yes. CVE-2022-22071 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2022-22071 | Qualcomm - Use After Free

CVE-2022-22071 is a high-severity vulnerability affecting multiple Qualcomm chipsets. This vulnerability allows for a use-after-free condition when process shell memory is freed using the IOCTL munmap call during process initialization. The systems affected include Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, and Snapdragon Voice & Music.

With a CVSS score of 8.4, this vulnerability represents a significant threat, particularly due to its potential impact on confidentiality, integrity, and availability. The risk to organizations includes unauthorized access, data breaches, and potential service disruptions. Organizations should prioritize patching immediately.

Currently, the vulnerability is listed in the Known Exploited Vulnerabilities (KEV) catalog, indicating it is actively monitored by security authorities. Organizations using affected Qualcomm chipsets are at risk and must take immediate action to mitigate this vulnerability.

Given the severity of this vulnerability and its exploitation status, organizations should not delay in applying patches or implementing mitigations provided by Qualcomm.

Vulnerability Details

The official description states that CVE-2022-22071 involves a possible use-after-free condition when process shell memory is freed using the IOCTL munmap call. The affected chipsets include various Snapdragon models, leading to high confidentiality, integrity, and availability impacts.

This vulnerability has a CVSS score of 8.4, indicating a high severity level. The attack vector is local, with low complexity. No privileges are required to exploit this vulnerability, and user interaction is not needed.

Technical Analysis

Root cause analysis indicates that the vulnerability arises from improper memory management during the process initialization phase. Specifically, this occurs while the system attempts to free shell memory that is still in use. The attack vector is local, meaning that an attacker must have access to the local system.

The attack complexity is classified as low, meaning that exploiting this vulnerability does not require advanced techniques or significant effort. Furthermore, no user interaction is necessary for the attack to succeed. The impacts on confidentiality, integrity, and availability are assessed as high, highlighting the potential for severe consequences if exploited.

Risk & Impact Analysis

The real-world deployment risk associated with CVE-2022-22071 is significant. Given its classification as a high-severity vulnerability, organizations that utilize Qualcomm chipsets are at considerable risk of exploitation, which could lead to unauthorized access and data breaches.

The blast radius of this vulnerability is extensive due to the widespread use of the affected chipsets across various devices. Organizations should assess their current deployment of Qualcomm products and evaluate the urgency of remediation based on the CVSS score and KEV status.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	Yes
Ransomware Use	No

Affected Versions

All versions of Qualcomm firmware for the affected chipsets are vulnerable. Organizations should ensure they are running patched versions to mitigate the risk.

Mitigation & Remediation

Detection Guidance

To detect potential attempts to exploit this vulnerability, organizations should monitor logs for unusual activity related to process memory management. Signs of abnormal process behavior or unauthorized access attempts should be flagged for further investigation.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2022-22071 lies in its demonstration of how vulnerabilities in widely used components can have extensive implications across various devices. As organizations increasingly rely on such technologies, the potential for exploitation underscores the need for proactive security measures.

For organizations using Qualcomm products, a focus on continuous penetration testing can help identify similar vulnerabilities in their infrastructure.

Organizations should also engage with security experts to assess their security posture and ensure they are prepared for potential threats.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-22071: High Vulnerability in Qualcomm Multiple Chipsets