Lucene search

[email protected]CVE-2022-25729

HistoryFeb 12, 2023 - 4:15 a.m.

CVE-2022-25729

2023-02-1204:15:13

CWE-787

CWE-20

[email protected]

web.nvd.nist.gov

cve-2022-25729

memory corruption

modem

improper length check

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Memory corruption in modem due to improper length check while copying into memory

Affected configurations

NVD

Node

qualcommar8031_firmwareMatch-

AND

qualcommar8031Match-

Node

qualcommcsra6620_firmwareMatch-

AND

qualcommcsra6620Match-

Node

qualcommcsra6640_firmwareMatch-

AND

qualcommcsra6640Match-

Node

qualcommmdm9205_firmwareMatch-

AND

qualcommmdm9205Match-

Node

qualcommmdm9206_firmwareMatch-

AND

qualcommmdm9206Match-

Node

qualcommqca4004_firmwareMatch-

AND

qualcommqca4004Match-

Node

qualcommqca4020_firmwareMatch-

AND

qualcommqca4020Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqcs405_firmwareMatch-

AND

qualcommqcs405Match-

Node

qualcommqts110_firmwareMatch-

AND

qualcommqts110Match-

Node

qualcommssg2115p_firmwareMatch-

AND

qualcommssg2115pMatch-

Node

qualcommssg2125p_firmwareMatch-

AND

qualcommssg2125pMatch-

Node

qualcommsxr1230p_firmwareMatch-

AND

qualcommsxr1230pMatch-

Node

qualcommsxr2230p_firmwareMatch-

AND

qualcommsxr2230pMatch-

Node

qualcommwcd9306_firmwareMatch-

AND

qualcommwcd9306Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn3999_firmwareMatch-

AND

qualcommwcn3999Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7850_firmwareMatch-

AND

qualcommwcn7850Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:ar8031_firmwarequalcomm ar8031 firmwareeq-

CPE	Name	Operator	Version
qualcomm:ar8031_firmware	qualcomm ar8031 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute",
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT",
      "Snapdragon Voice & Music"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AR8031"
      },
      {
        "status": "affected",
        "version": "CSRA6620"
      },
      {
        "status": "affected",
        "version": "CSRA6640"
      },
      {
        "status": "affected",
        "version": "MDM9205"
      },
      {
        "status": "affected",
        "version": "MDM9206"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QCA4020"
      },
      {
        "status": "affected",
        "version": "QCA4024"
      },
      {
        "status": "affected",
        "version": "QCS405"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "SSG2115P"
      },
      {
        "status": "affected",
        "version": "SSG2125P"
      },
      {
        "status": "affected",
        "version": "SXR1230P"
      },
      {
        "status": "affected",
        "version": "SXR2230P"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9335"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3998"
      },
      {
        "status": "affected",
        "version": "WCN3999"
      },
      {
        "status": "affected",
        "version": "WCN6855"
      },
      {
        "status": "affected",
        "version": "WCN6856"
      },
      {
        "status": "affected",
        "version": "WCN7850"
      },
      {
        "status": "affected",
        "version": "WCN7851"
      },
      {
        "status": "affected",
        "version": "WSA8810"
      },
      {
        "status": "affected",
        "version": "WSA8815"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8832"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for CVE-2022-25729

vulnrichment1 cvelist1 prion1 nvd1