CVE-2022-20083

In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID:...

CVE-2022-20210

The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS...

CVE-2022-44420

In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges...

CVE-2021-25488

Lack of boundary checking of a buffer in recvdata of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read...

CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...

CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...

CVE-2021-37109

There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure...

CVE-2021-32485

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...

CVE-2021-32484

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917...

CVE-2021-32486

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

CVE-2021-25480

A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection...

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service...

CVE-2021-25489

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

CVE-2020-35219

The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by changing the admin password without authentication via a POST request to AdvancedSystemContent.asp with the uiViewToolsusername=adminPassword= and uiViewToolsPasswordConfirm= substrings...

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2020-11186

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVE-2020-25054

An issue was discovered on Samsung mobile devices with software through 2020-04-02 Exynos modem chipsets. There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 August 2020...