Lucene search

K
cve[email protected]CVE-2022-40505
HistoryMay 02, 2023 - 6:15 a.m.

CVE-2022-40505

2023-05-0206:15:10
CWE-125
CWE-126
web.nvd.nist.gov
34
cve-2022-40505
information disclosure
modem
buffer over-read
dns hostname
nvd

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

Affected configurations

NVD
Node
qualcomm9205_lte_modemMatch-
AND
qualcomm9205_lte_modem_firmwareMatch-
Node
qualcomm9206_lte_modemMatch-
AND
qualcomm9206_lte_modem_firmwareMatch-
Node
qualcomm9207_lte_modemMatch-
AND
qualcomm9207_lte_modem_firmwareMatch-
Node
qualcommmdm8207Match-
AND
qualcommmdm8207_firmwareMatch-
Node
qualcommqca4004Match-
AND
qualcommqca4004_firmwareMatch-
Node
qualcommqca4010Match-
AND
qualcommqca4010_firmwareMatch-
Node
qualcommqts110_firmwareMatch-
AND
qualcommqts110Match-
Node
qualcommsnapdragon_1100_wearable_platform_firmwareMatch-
AND
qualcommsnapdragon_1100_wearable_platformMatch-
Node
qualcommsnapdragon_1200_wearable_platform_firmwareMatch-
AND
qualcommsnapdragon_1200_wearable_platformMatch-
Node
qualcommsnapdragon_wear_1300_platform_firmwareMatch-
AND
qualcommsnapdragon_wear_1300_platformMatch-
Node
qualcommsnapdragon_x5_lte_modem_firmwareMatch-
AND
qualcommsnapdragon_x5_lte_modemMatch-
Node
qualcommwcd9306_firmwareMatch-
AND
qualcommwcd9306Match-
Node
qualcommwcd9330_firmwareMatch-
AND
qualcommwcd9330Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "9205 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9206 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9207 LTE Modem"
      },
      {
        "status": "affected",
        "version": "MDM8207"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QCA4010"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1100 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1200 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon Wear 1300 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon X5 LTE Modem"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9330"
      }
    ]
  }
]

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

Related for CVE-2022-40505