Lucene search
QualcommVULNRICHMENT:CVE-2022-25732HistoryFeb 09, 2023 - 6:58 a.m.
CVE-2022-25732 Buffer Over-read in MODEM
2023-02-0906:58:18
CWE-126
qualcomm
github.com
cve-2022-25732
information disclosure
modem
buffer over-read
dns client
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
45.3%
Information disclosure in modem due to buffer over read in dns client due to missing length check
CNA Affected
[
{
"vendor": "Qualcomm, Inc.",
"product": "Snapdragon",
"versions": [
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "MDM9205"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9207"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA4024"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QTS110"
},
{
"status": "affected",
"version": "SSG2115P"
},
{
"status": "affected",
"version": "SSG2125P"
},
{
"status": "affected",
"version": "SXR1230P"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WCN7850"
},
{
"status": "affected",
"version": "WCN7851"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
}
],
"platforms": [
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Voice & Music"
],
"defaultStatus": "unaffected"
}
]Related
cve
cve
CVE-2022-25732
2023-02-12 04:15:13
nvd
nvd
CVE-2022-25732
2023-02-12 04:15:13
prion
prion
Information disclosure
2023-02-12 04:15:00
cvelist
cvelist
CVE-2022-25732 Buffer Over-read in MODEM
2023-02-09 06:58:18
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
45.3%
Related for VULNRICHMENT:CVE-2022-25732