Lucene search

[email protected]CVE-2022-33211

HistoryApr 13, 2023 - 7:15 a.m.

CVE-2022-33211

2023-04-1307:15:13

CWE-131

CWE-20

[email protected]

web.nvd.nist.gov

cve-2022-33211

memory corruption

modem

coap

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

memory corruption in modem due to improper check while calculating size of serialized CoAP message

Affected configurations

NVD

Node

qualcommmdm8207_firmwareMatch-

AND

qualcommmdm8207Match-

Node

qualcommmdm9205_firmwareMatch-

AND

qualcommmdm9205Match-

Node

qualcommmdm9206_firmwareMatch-

AND

qualcommmdm9206Match-

Node

qualcommmdm9207_firmwareMatch-

AND

qualcommmdm9207Match-

Node

qualcommqca4004_firmwareMatch-

AND

qualcommqca4004Match-

Node

qualcommqts110_firmwareMatch-

AND

qualcommqts110Match-

Node

qualcommsnapdragon_wear_1100_firmwareMatch-

AND

qualcommsnapdragon_wear_1100Match-

Node

qualcommsnapdragon_wear_1200Match-

AND

qualcommsnapdragon_wear_1200_firmwareMatch-

Node

qualcommsnapdragon_wear_1300Match-

AND

qualcommsnapdragon_wear_1300_firmwareMatch-

Node

qualcommsnapdragon_x5_lte_modemMatch-

AND

qualcommsnapdragon_x5_lte_modem_firmwareMatch-

Node

qualcommwcd9306Match-

AND

qualcommwcd9306_firmwareMatch-

Node

qualcommwcd9330Match-

AND

qualcommwcd9330_firmwareMatch-

CPENameOperatorVersion
qualcomm:mdm8207_firmwarequalcomm mdm8207 firmwareeq-

CPE	Name	Operator	Version
qualcomm:mdm8207_firmware	qualcomm mdm8207 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Industrial IOT"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "9205 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9206 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9207 LTE Modem"
      },
      {
        "status": "affected",
        "version": "MDM8207"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1100 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1200 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon Wear 1300 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon X5 LTE Modem"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9330"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for CVE-2022-33211

prion1 nvd1 cvelist1 vulnrichment1