Lucene search

K
cve[email protected]CVE-2022-25731
HistoryApr 13, 2023 - 7:15 a.m.

CVE-2022-25731

2023-04-1307:15:11
CWE-131
CWE-125
web.nvd.nist.gov
34
cve-2022-25731
information disclosure
modem
buffer over-read
dns server
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.3%

Information disclosure in modem due to buffer over-read while processing packets from DNS server

Affected configurations

NVD
Node
qualcommmdm9205_firmwareMatch-
AND
qualcommmdm9205Match-
Node
qualcommmdm9206_firmwareMatch-
AND
qualcommmdm9206Match-
Node
qualcommmdm9207_firmwareMatch-
AND
qualcommmdm9207Match-
Node
qualcommmdm8207_firmwareMatch-
AND
qualcommmdm8207Match-
Node
qualcommqca4004_firmwareMatch-
AND
qualcommqca4004Match-
Node
qualcommqca4010_firmwareMatch-
AND
qualcommqca4010Match-
Node
qualcommqts110_firmwareMatch-
AND
qualcommqts110Match-
Node
qualcommsnapdragon_wear_1100_firmwareMatch-
AND
qualcommsnapdragon_wear_1100Match-
Node
qualcommsnapdragon_wear_1200_firmwareMatch-
AND
qualcommsnapdragon_wear_1200Match-
Node
qualcommsnapdragon_wear_1300_firmwareMatch-
AND
qualcommsnapdragon_wear_1300Match-
Node
qualcommsnapdragon_x5_lte_modem_firmwareMatch-
AND
qualcommsnapdragon_x5_lte_modemMatch-
Node
qualcommwcd9330_firmwareMatch-
AND
qualcommwcd9330Match-
Node
qualcommwcd9306_firmwareMatch-
AND
qualcommwcd9306Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "9205 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9206 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9207 LTE Modem"
      },
      {
        "status": "affected",
        "version": "MDM8207"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QCA4010"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1100 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1200 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon Wear 1300 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon X5 LTE Modem"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9330"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.3%

Related for CVE-2022-25731