Lucene search

QualcommCVE-2022-33309

HistoryMar 10, 2023 - 9:15 p.m.

CVE-2022-33309

2023-03-1021:15:12

CWE-126

CWE-125

qualcomm

web.nvd.nist.gov

cve-2022-33309

transient dos

buffer over-read

wlan firmware

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

37.3%

JSON

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

Affected configurations

Nvd

Node

qualcommcsr8811_firmwareMatch-

AND

qualcommcsr8811Match-

Node

qualcommipq5010_firmwareMatch-

AND

qualcommipq5010Match-

Node

qualcommipq5018_firmwareMatch-

AND

qualcommipq5018Match-

Node

qualcommipq5028_firmwareMatch-

AND

qualcommipq5028Match-

Node

qualcommipq6000_firmwareMatch-

AND

qualcommipq6000Match-

Node

qualcommipq6010_firmwareMatch-

AND

qualcommipq6010Match-

Node

qualcommipq6018_firmwareMatch-

AND

qualcommipq6018Match-

Node

qualcommipq6028_firmwareMatch-

AND

qualcommipq6028Match-

Node

qualcommipq8070a_firmwareMatch-

AND

qualcommipq8070aMatch-

Node

qualcommipq8071a_firmwareMatch-

AND

qualcommipq8071aMatch-

Node

qualcommipq8072a_firmwareMatch-

AND

qualcommipq8072aMatch-

Node

qualcommipq8074a_firmwareMatch-

AND

qualcommipq8074aMatch-

Node

qualcommipq8076_firmwareMatch-

AND

qualcommipq8076Match-

Node

qualcommipq8076a_firmwareMatch-

AND

qualcommipq8076aMatch-

Node

qualcommipq8078_firmwareMatch-

AND

qualcommipq8078Match-

Node

qualcommipq8078a_firmwareMatch-

AND

qualcommipq8078aMatch-

Node

qualcommipq8173_firmwareMatch-

AND

qualcommipq8173Match-

Node

qualcommipq8174_firmwareMatch-

AND

qualcommipq8174Match-

Node

qualcommipq9008_firmwareMatch-

AND

qualcommipq9008Match-

Node

qualcommipq9574_firmwareMatch-

AND

qualcommipq9574Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqca8075_firmwareMatch-

AND

qualcommqca8075Match-

Node

qualcommqca8081_firmwareMatch-

AND

qualcommqca8081Match-

Node

qualcommqca8082_firmwareMatch-

AND

qualcommqca8082Match-

Node

qualcommqca8084_firmwareMatch-

AND

qualcommqca8084Match-

Node

qualcommqca8085_firmwareMatch-

AND

qualcommqca8085Match-

Node

qualcommqca8386_firmwareMatch-

AND

qualcommqca8386Match-

Node

qualcommqca9888_firmwareMatch-

AND

qualcommqca9888Match-

Node

qualcommqca9889_firmwareMatch-

AND

qualcommqca9889Match-

Node

qualcommqcn5022_firmwareMatch-

AND

qualcommqcn5022Match-

Node

qualcommqcn5024_firmwareMatch-

AND

qualcommqcn5024Match-

Node

qualcommqcn5052_firmwareMatch-

AND

qualcommqcn5052Match-

Node

qualcommqcn5122_firmwareMatch-

AND

qualcommqcn5122Match-

Node

qualcommqcn5124_firmwareMatch-

AND

qualcommqcn5124Match-

Node

qualcommqcn5152_firmwareMatch-

AND

qualcommqcn5152Match-

Node

qualcommqcn5154_firmwareMatch-

AND

qualcommqcn5154Match-

Node

qualcommqcn5164_firmwareMatch-

AND

qualcommqcn5164Match-

Node

qualcommqcn6023_firmwareMatch-

AND

qualcommqcn6023Match-

Node

qualcommqcn6024_firmwareMatch-

AND

qualcommqcn6024Match-

Node

qualcommqcn6122_firmwareMatch-

AND

qualcommqcn6122Match-

Node

qualcommqcn6132_firmwareMatch-

AND

qualcommqcn6132Match-

Node

qualcommqcn9000_firmwareMatch-

AND

qualcommqcn9000Match-

Node

qualcommqcn9022_firmwareMatch-

AND

qualcommqcn9022Match-

Node

qualcommqcn9024_firmwareMatch-

AND

qualcommqcn9024Match-

Node

qualcommqcn9070_firmwareMatch-

AND

qualcommqcn9070Match-

Node

qualcommqcn9072_firmwareMatch-

AND

qualcommqcn9072Match-

Node

qualcommqcn9074_firmwareMatch-

AND

qualcommqcn9074Match-

Node

qualcommqcn9100_firmwareMatch-

AND

qualcommqcn9100Match-

Node

qualcommqcn9274_firmwareMatch-

AND

qualcommqcn9274Match-

Node

qualcommsd_8_gen1_5g_firmwareMatch-

AND

qualcommsm8475Match-

Node

qualcommsdx65_firmwareMatch-

AND

qualcommsdx65Match-

Node

qualcommsdx65m_firmwareMatch-

AND

qualcommsdx65mMatch-

Node

qualcommssg2115p_firmwareMatch-

AND

qualcommssg2115pMatch-

Node

qualcommssg2125p_firmwareMatch-

AND

qualcommssg2125pMatch-

Node

qualcommsxr1230p_firmwareMatch-

AND

qualcommsxr1230pMatch-

Node

qualcommsxr2230p_firmwareMatch-

AND

qualcommsxr2230pMatch-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7850_firmwareMatch-

AND

qualcommwcn7850Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

VendorProductVersionCPE
qualcommcsr8811_firmware-cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
qualcommcsr8811-cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*
qualcommipq5010_firmware-cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*
qualcommipq5010-cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*
qualcommipq5018_firmware-cpe:2.3:o:qualcomm:ipq5018_firmware:-:*:*:*:*:*:*:*
qualcommipq5018-cpe:2.3:h:qualcomm:ipq5018:-:*:*:*:*:*:*:*
qualcommipq5028_firmware-cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*
qualcommipq5028-cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*
qualcommipq6000_firmware-cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*
qualcommipq6000-cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	csr8811_firmware	-	cpe:2.3:o:qualcomm:csr8811_firmware:-:::::::*
qualcomm	csr8811	-	cpe:2.3:h:qualcomm:csr8811:-:::::::*
qualcomm	ipq5010_firmware	-	cpe:2.3:o:qualcomm:ipq5010_firmware:-:::::::*
qualcomm	ipq5010	-	cpe:2.3:h:qualcomm:ipq5010:-:::::::*
qualcomm	ipq5018_firmware	-	cpe:2.3:o:qualcomm:ipq5018_firmware:-:::::::*
qualcomm	ipq5018	-	cpe:2.3:h:qualcomm:ipq5018:-:::::::*
qualcomm	ipq5028_firmware	-	cpe:2.3:o:qualcomm:ipq5028_firmware:-:::::::*
qualcomm	ipq5028	-	cpe:2.3:h:qualcomm:ipq5028:-:::::::*
qualcomm	ipq6000_firmware	-	cpe:2.3:o:qualcomm:ipq6000_firmware:-:::::::*
qualcomm	ipq6000	-	cpe:2.3:h:qualcomm:ipq6000:-:::::::*

Rows per page:

1-10 of 1301

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute",
      "Snapdragon Connectivity",
      "Snapdragon Wired Infrastructure and Networking"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "CSR8811"
      },
      {
        "status": "affected",
        "version": "IPQ5010"
      },
      {
        "status": "affected",
        "version": "IPQ5018"
      },
      {
        "status": "affected",
        "version": "IPQ5028"
      },
      {
        "status": "affected",
        "version": "IPQ6000"
      },
      {
        "status": "affected",
        "version": "IPQ6010"
      },
      {
        "status": "affected",
        "version": "IPQ6018"
      },
      {
        "status": "affected",
        "version": "IPQ6028"
      },
      {
        "status": "affected",
        "version": "IPQ8070A"
      },
      {
        "status": "affected",
        "version": "IPQ8071A"
      },
      {
        "status": "affected",
        "version": "IPQ8072A"
      },
      {
        "status": "affected",
        "version": "IPQ8074A"
      },
      {
        "status": "affected",
        "version": "IPQ8076"
      },
      {
        "status": "affected",
        "version": "IPQ8076A"
      },
      {
        "status": "affected",
        "version": "IPQ8078"
      },
      {
        "status": "affected",
        "version": "IPQ8078A"
      },
      {
        "status": "affected",
        "version": "IPQ8173"
      },
      {
        "status": "affected",
        "version": "IPQ8174"
      },
      {
        "status": "affected",
        "version": "IPQ9008"
      },
      {
        "status": "affected",
        "version": "IPQ9574"
      },
      {
        "status": "affected",
        "version": "QCA4024"
      },
      {
        "status": "affected",
        "version": "QCA8075"
      },
      {
        "status": "affected",
        "version": "QCA8081"
      },
      {
        "status": "affected",
        "version": "QCA8082"
      },
      {
        "status": "affected",
        "version": "QCA8084"
      },
      {
        "status": "affected",
        "version": "QCA8085"
      },
      {
        "status": "affected",
        "version": "QCA8386"
      },
      {
        "status": "affected",
        "version": "QCA9888"
      },
      {
        "status": "affected",
        "version": "QCA9889"
      },
      {
        "status": "affected",
        "version": "QCN5022"
      },
      {
        "status": "affected",
        "version": "QCN5024"
      },
      {
        "status": "affected",
        "version": "QCN5052"
      },
      {
        "status": "affected",
        "version": "QCN5122"
      },
      {
        "status": "affected",
        "version": "QCN5124"
      },
      {
        "status": "affected",
        "version": "QCN5152"
      },
      {
        "status": "affected",
        "version": "QCN5154"
      },
      {
        "status": "affected",
        "version": "QCN5164"
      },
      {
        "status": "affected",
        "version": "QCN6023"
      },
      {
        "status": "affected",
        "version": "QCN6024"
      },
      {
        "status": "affected",
        "version": "QCN6122"
      },
      {
        "status": "affected",
        "version": "QCN6132"
      },
      {
        "status": "affected",
        "version": "QCN9000"
      },
      {
        "status": "affected",
        "version": "QCN9022"
      },
      {
        "status": "affected",
        "version": "QCN9024"
      },
      {
        "status": "affected",
        "version": "QCN9070"
      },
      {
        "status": "affected",
        "version": "QCN9072"
      },
      {
        "status": "affected",
        "version": "QCN9074"
      },
      {
        "status": "affected",
        "version": "QCN9100"
      },
      {
        "status": "affected",
        "version": "QCN9274"
      },
      {
        "status": "affected",
        "version": "SD 8 Gen1 5G"
      },
      {
        "status": "affected",
        "version": "SDX65"
      },
      {
        "status": "affected",
        "version": "SDX65M"
      },
      {
        "status": "affected",
        "version": "SSG2115P"
      },
      {
        "status": "affected",
        "version": "SSG2125P"
      },
      {
        "status": "affected",
        "version": "SXR1230P"
      },
      {
        "status": "affected",
        "version": "SXR2230P"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCN6855"
      },
      {
        "status": "affected",
        "version": "WCN6856"
      },
      {
        "status": "affected",
        "version": "WCN7850"
      },
      {
        "status": "affected",
        "version": "WCN7851"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8832"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

37.3%

JSON

Related for CVE-2022-33309