Lucene search

K
cve[email protected]CVE-2022-25745
HistoryApr 13, 2023 - 7:15 a.m.

CVE-2022-25745

2023-04-1307:15:13
CWE-670
web.nvd.nist.gov
37
2
cve-2022-25745
memory corruption
modem
improper input validation
coap message
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.5%

Memory corruption in modem due to improper input validation while handling the incoming CoAP message

Affected configurations

NVD
Node
qualcommmdm9205_firmwareMatch-
AND
qualcommmdm9205Match-
Node
qualcommqca4004_firmwareMatch-
AND
qualcommqca4004Match-
Node
qualcommqts110_firmwareMatch-
AND
qualcommqts110Match-
Node
qualcommsnapdragon_wear_1300_firmwareMatch-
AND
qualcommsnapdragon_wear_1300Match-
Node
qualcommwcd9306_firmwareMatch-
AND
qualcommwcd9306Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Industrial IOT"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "9205 LTE Modem"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "Snapdragon Wear 1300 Platform"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      }
    ]
  }
]

Social References

More

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.5%

Related for CVE-2022-25745