Lucene search
QualcommCVE-2022-40505HistoryMay 02, 2023 - 6:15 a.m.
CVE-2022-40505
2023-05-0206:15:10
CWE-126
CWE-125
qualcomm
web.nvd.nist.gov
43
cve-2022-40505
information disclosure
modem
buffer over-read
dns hostname
nvd
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
37.3%
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
Affected configurations
Node
qualcomm9205_lte_modemMatch-
qualcomm9205_lte_modem_firmwareMatch-
Node
qualcomm9206_lte_modemMatch-
qualcomm9206_lte_modem_firmwareMatch-
Node
qualcomm9207_lte_modemMatch-
qualcomm9207_lte_modem_firmwareMatch-
Node
qualcommmdm8207Match-
qualcommmdm8207_firmwareMatch-
Node
qualcommqca4004Match-
qualcommqca4004_firmwareMatch-
Node
qualcommqca4010Match-
qualcommqca4010_firmwareMatch-
Node
qualcommqts110_firmwareMatch-
qualcommqts110Match-
Node
qualcommsnapdragon_1100_wearable_platform_firmwareMatch-
qualcommsnapdragon_1100_wearable_platformMatch-
Node
qualcommsnapdragon_1200_wearable_platform_firmwareMatch-
qualcommsnapdragon_1200_wearable_platformMatch-
Node
qualcommsnapdragon_wear_1300_platform_firmwareMatch-
qualcommsnapdragon_wear_1300_platformMatch-
Node
qualcommsnapdragon_x5_lte_modem_firmwareMatch-
qualcommsnapdragon_x5_lte_modemMatch-
Node
qualcommwcd9306_firmwareMatch-
qualcommwcd9306Match-
Node
qualcommwcd9330_firmwareMatch-
qualcommwcd9330Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| qualcomm | 9205_lte_modem | - | cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:* |
| qualcomm | 9205_lte_modem_firmware | - | cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:* |
| qualcomm | 9206_lte_modem | - | cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:* |
| qualcomm | 9206_lte_modem_firmware | - | cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:* |
| qualcomm | 9207_lte_modem | - | cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:* |
| qualcomm | 9207_lte_modem_firmware | - | cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm8207 | - | cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:* |
| qualcomm | mdm8207_firmware | - | cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca4004 | - | cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:* |
| qualcomm | qca4004_firmware | - | cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "9205 LTE Modem"
},
{
"status": "affected",
"version": "9206 LTE Modem"
},
{
"status": "affected",
"version": "9207 LTE Modem"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4010"
},
{
"status": "affected",
"version": "QTS110"
},
{
"status": "affected",
"version": "Snapdragon 1100 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon 1200 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 1300 Platform"
},
{
"status": "affected",
"version": "Snapdragon X5 LTE Modem"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9330"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2022-40505 Buffer over-read in Modem
2023-05-02 05:08:52
prion
prion
Information disclosure
2023-05-02 06:15:00
cvelist
cvelist
CVE-2022-40505 Buffer over-read in Modem
2023-05-02 05:08:52
nvd
nvd
CVE-2022-40505
2023-05-02 06:15:10
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
37.3%
Related for CVE-2022-40505