CWE-126

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVE-2022-23130 (GCVE-0-2022-23130)

Vulnerability from cvelistv5 – Published: 2022-01-21 18:17 – Updated: 2026-01-08 11:45

Summary

Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32.

Severity

5.9 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H

CWE

CWE-126 - Buffer Over-read

Assigner

Mitsubishi

References

3 references

URL	Tags
https://www.mitsubishielectric.com/en/psirt/vulne…	vendor-advisory
https://jvn.jp/vu/JVNVU95403720/index.html	government-resource
https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01	government-resource

Impacted products

7 products

Vendor	Product	Version
Mitsubishi Electric Corporation	GENESIS64	Affected: Versions 10.97 and prior
Mitsubishi Electric Iconics Digital Solutions	GENESIS64	Affected: Versions 10.97 and prior
Mitsubishi Electric Corporation	ICONICS Suite	Affected: Versions 10.97 and prior
Mitsubishi Electric Iconics Digital Solutions	ICONICS Suite	Affected: Versions 10.97 and prior
Mitsubishi Electric Corporation	MC Works64	Affected: Versions 4.00A to 4.04E
Mitsubishi Electric Corporation	GENESIS32	Affected: Versions 9.7 or prior
Mitsubishi Electric Iconics Digital Solutions	GENESIS32	Affected: Versions 9.7 or prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:36:19.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS64",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS64",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ICONICS Suite",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ICONICS Suite",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MC Works64",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 4.00A to 4.04E"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS32",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 9.7 or prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS32",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 9.7 or prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
            }
          ],
          "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-08T11:45:13.985Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
          "ID": "CVE-2022-23130",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mitsubishi Electric MC Works64; ICONICS GENESIS64; ICONICS Hyper Historian",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01)"
                          },
                          {
                            "version_value": "ICONICS GENESIS64 versions 10.97 and prior"
                          },
                          {
                            "version_value": "ICONICS Hyper Historian versions 10.97 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Over-read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf",
              "refsource": "MISC",
              "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU95403720/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2022-23130",
    "datePublished": "2022-01-21T18:17:30.000Z",
    "dateReserved": "2022-01-11T00:00:00.000Z",
    "dateUpdated": "2026-01-08T11:45:13.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-25726 (GCVE-0-2022-25726)

Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

25 products

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: 9205 LTE Modem Affected: 9206 LTE Modem Affected: 9207 LTE Modem Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: MDM8207 Affected: QCA4004 Affected: QTS110 Affected: Snapdragon 1100 Wearable Platform Affected: Snapdragon 1200 Wearable Platform Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Wear 1300 Platform Affected: Snapdragon X5 LTE Modem Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9380 Affected: WCD9385 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835
qualcomm	9205_lte_modem_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:::::::*
qualcomm	9206_lte_modem_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:::::::*
qualcomm	9207_lte_modem_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:::::::*
qualcomm	fastconnect_6900_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::*
qualcomm	fastconnect_7800_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::*
qualcomm	mdm8207_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:mdm8207_firmware:-:::::::*
qualcomm	qca4004_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:qca4004_firmware:-:::::::*
qualcomm	qts110_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:qts110_firmware:-:::::::*
qualcomm	snapdragon_1100_wearable_platform_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:::::::*
qualcomm	snapdragon_1200_wearable_platform_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:::::::*
qualcomm	snapdragon_ar2_gen_1_platform_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_1300_platform_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:::::::*
qualcomm	snapdragon_x5_lte_modem_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:::::::*
qualcomm	ssg2115p_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:ssg2115p_firmware:-:::::::*
qualcomm	ssg2125p_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:ssg2125p_firmware:-:::::::*
qualcomm	sxr1230p_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:sxr1230p_firmware:-:::::::*
qualcomm	sxr2230p_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::*
qualcomm	wcd9306_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wcd9306_firmware:-:::::::*
qualcomm	wcd9330_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wcd9330_firmware:-:::::::*
qualcomm	wcd9380_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9385_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*
qualcomm	wsa8830_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8832_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::*
qualcomm	wsa8835_firmware	Affected: 0 , ≤ * (custom) cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9205_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9206_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9207_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6900_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_7800_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1100_wearable_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1200_wearable_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_ar2_gen_1_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_wear_1300_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x5_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25726",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T21:14:37.241171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-11T21:14:43.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "9205 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9206 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9207 LTE Modem"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1100 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1200 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 1300 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X5 LTE Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:28:11.840Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25726",
    "datePublished": "2023-04-04T04:46:12.603Z",
    "dateReserved": "2022-02-22T11:38:09.302Z",
    "dateUpdated": "2024-08-03T04:49:42.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25728 (GCVE-0-2022-25728)

Vulnerability from cvelistv5 – Published: 2023-02-09 06:58 – Updated: 2024-08-03 04:49

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem due to buffer over-read while processing response from DNS server

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

35 products

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8031 Affected: CSRA6620 Affected: CSRA6640 Affected: MDM8207 Affected: MDM9205 Affected: MDM9206 Affected: MDM9207 Affected: MDM9607 Affected: QCA4004 Affected: QCA4020 Affected: QCA4024 Affected: QCS405 Affected: QTS110 Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9335 Affected: WCD9380 Affected: WCD9385 Affected: WCN3980 Affected: WCN3998 Affected: WCN3999 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835
qualcomm	ar8031_firmware	Affected: * cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::*
qualcomm	csra6620_firmware	Affected: * cpe:2.3:o:qualcomm:csra6620_firmware:-:::::::*
qualcomm	csra6640_firmware	Affected: * cpe:2.3:o:qualcomm:csra6640_firmware:-:::::::*
qualcomm	mdm8207_firmware	Affected: * cpe:2.3:o:qualcomm:mdm8207_firmware:-:::::::*
qualcomm	mdm9205_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9205_firmware:-:::::::*
qualcomm	mdm9206_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9206_firmware:-:::::::*
qualcomm	mdm9207_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9207_firmware:-:::::::*
qualcomm	mdm9607_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9607_firmware:-:::::::*
qualcomm	qca4004_firmware	Affected: * cpe:2.3:o:qualcomm:qca4004_firmware:-:::::::*
qualcomm	qca4020_firmware	Affected: * cpe:2.3:o:qualcomm:qca4020_firmware:-:::::::*
qualcomm	qca4024_firmware	Affected: * cpe:2.3:o:qualcomm:qca4024_firmware:-:::::::*
qualcomm	qcs405_firmware	Affected: * cpe:2.3:o:qualcomm:qcs405_firmware:-:::::::*
qualcomm	qts110_firmware	Affected: * cpe:2.3:o:qualcomm:qts110_firmware:-:::::::*
qualcomm	ssg2115p_firmware	Affected: * cpe:2.3:o:qualcomm:ssg2115p_firmware:-:::::::*
qualcomm	ssg2125p_firmware	Affected: * cpe:2.3:o:qualcomm:ssg2125p_firmware:-:::::::*
qualcomm	sxr1230p_firmware	Affected: * cpe:2.3:o:qualcomm:sxr1230p_firmware:-:::::::*
qualcomm	sxr2230p_firmware	Affected: * cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::*
qualcomm	wcd9306_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9306_firmware:-:::::::*
qualcomm	wcd9330_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9330_firmware:-:::::::*
qualcomm	wcd9335_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9335_firmware:-:::::::*
qualcomm	wcd9380_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9385_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*
qualcomm	wcn3980_firmware	Affected: * cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::*
qualcomm	wcn3998_firmware	Affected: * cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::*
qualcomm	wcn3999_firmware	Affected: * cpe:2.3:o:qualcomm:wcn3999_firmware:-:::::::*
qualcomm	wcn6855_firmware	Affected: * cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
qualcomm	wcn6856_firmware	Affected: * cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::*
qualcomm	wcn7850_firmware	Affected: * cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::*
qualcomm	wcn7851_firmware	Affected: * cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::*
qualcomm	wsa8810_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*
qualcomm	wsa8815_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*
qualcomm	wsa8830_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8832_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::*
qualcomm	wsa8835_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8031_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6620_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6640_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9205_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9206_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9607_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4020_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs405_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9335_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3980_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3998_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3999_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6855_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6856_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7850_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7851_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25728",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T17:00:16.866453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T17:00:31.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.786Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Voice \u0026 Music"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8031"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "MDM9205"
            },
            {
              "status": "affected",
              "version": "MDM9206"
            },
            {
              "status": "affected",
              "version": "MDM9207"
            },
            {
              "status": "affected",
              "version": "MDM9607"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4020"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCS405"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN3999"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to buffer over-read while processing response from DNS server"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:31:31.075Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25728",
    "datePublished": "2023-02-09T06:58:16.659Z",
    "dateReserved": "2022-02-22T11:38:09.308Z",
    "dateUpdated": "2024-08-03T04:49:42.786Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25730 (GCVE-0-2022-25730)

Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem due to improper check of IP type while processing DNS server query

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

26 products

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: 9205 LTE Modem Affected: 9206 LTE Modem Affected: 9207 LTE Modem Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: MDM8207 Affected: QCA4004 Affected: QCA4010 Affected: QTS110 Affected: Snapdragon 1100 Wearable Platform Affected: Snapdragon 1200 Wearable Platform Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Wear 1300 Platform Affected: Snapdragon X5 LTE Modem Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9380 Affected: WCD9385 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835
qualcomm	snapdragon_1100_wearable_platform	Affected: - cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:::::::*
qualcomm	snapdragon_1200_wearable_platform	Affected: - cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:::::::*
qualcomm	9205_lte_modem	Affected: - cpe:2.3:h:qualcomm:9205_lte_modem:-:::::::*
qualcomm	9206_lte_modem	Affected: - cpe:2.3:h:qualcomm:9206_lte_modem:-:::::::*
qualcomm	9207_lte_modem	Affected: - cpe:2.3:h:qualcomm:9207_lte_modem:-:::::::*
qualcomm	fastconnect_6900	Affected: - cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::*
qualcomm	fastconnect_7800	Affected: - cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*
qualcomm	mdm8207	Affected: - cpe:2.3:h:qualcomm:mdm8207:-:::::::*
qualcomm	qca4004	Affected: - cpe:2.3:h:qualcomm:qca4004:-:::::::*
qualcomm	qca4010	Affected: - cpe:2.3:h:qualcomm:qca4010:-:::::::*
qualcomm	qts110	Affected: - cpe:2.3:h:qualcomm:qts110:-:::::::*
qualcomm	snapdragon_ar2_gen1_platform	Affected: - cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:::::::*
qualcomm	snapdragon_wear_1300_platform	Affected: - cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:::::::*
qualcomm	snapdragon_x5_lte_firmware	Affected: - cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:::::::*
qualcomm	ssg2115p	Affected: - cpe:2.3:h:qualcomm:ssg2115p:-:::::::*
qualcomm	ssg2125p	Affected: - cpe:2.3:h:qualcomm:ssg2125p:-:::::::*
qualcomm	sxr1230p	Affected: - cpe:2.3:h:qualcomm:sxr1230p:-:::::::*
qualcomm	sxr2230p	Affected: - cpe:2.3:h:qualcomm:sxr2230p:-:::::::*
qualcomm	wcd9306	Affected: - cpe:2.3:h:qualcomm:wcd9306:-:::::::*
qualcomm	wcd9330	Affected: - cpe:2.3:h:qualcomm:wcd9330:-:::::::*
qualcomm	wcd9380	Affected: - cpe:2.3:h:qualcomm:wcd9380:-:::::::*
qualcomm	wcd9385	Affected: - cpe:2.3:h:qualcomm:wcd9385:-:::::::*
qualcomm	wsa8830	Affected: - cpe:2.3:h:qualcomm:wsa8830:-:::::::*
qualcomm	wsa8832	Affected: - cpe:2.3:h:qualcomm:wsa8832:-:::::::*
qualcomm	wsa8835	Affected: - cpe:2.3:h:qualcomm:wsa8835:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1100_wearable_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1200_wearable_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9205_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9206_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9207_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6900",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_7800",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4010",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_ar2_gen1_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_wear_1300_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x5_lte_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25730",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-19T16:03:34.222184Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:35.279Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "9205 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9206 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9207 LTE Modem"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4010"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1100 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1200 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 1300 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X5 LTE Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to improper check of IP type while processing DNS server query"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:28:15.247Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25730",
    "datePublished": "2023-04-04T04:46:13.925Z",
    "dateReserved": "2022-02-22T11:38:09.309Z",
    "dateUpdated": "2024-08-03T04:49:42.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25732 (GCVE-0-2022-25732)

Vulnerability from cvelistv5 – Published: 2023-02-09 06:58 – Updated: 2024-08-03 04:49

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem due to buffer over read in dns client due to missing length check

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

34 products

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8031 Affected: CSRA6620 Affected: CSRA6640 Affected: MDM8207 Affected: MDM9205 Affected: MDM9206 Affected: MDM9207 Affected: MDM9607 Affected: QCA4004 Affected: QCA4020 Affected: QCA4024 Affected: QCS405 Affected: QTS110 Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9335 Affected: WCD9380 Affected: WCD9385 Affected: WCN3980 Affected: WCN3999 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835
qualcomm	ar8031_firmware	Affected: * cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::*
qualcomm	csra6620_firmware	Affected: * cpe:2.3:o:qualcomm:csra6620_firmware:-:::::::*
qualcomm	csra6640_firmware	Affected: * cpe:2.3:o:qualcomm:csra6640_firmware:-:::::::*
qualcomm	mdm8207_firmware	Affected: * cpe:2.3:o:qualcomm:mdm8207_firmware:-:::::::*
qualcomm	mdm9205_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9205_firmware:-:::::::*
qualcomm	mdm9206_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9206_firmware:-:::::::*
qualcomm	mdm9207_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9207_firmware:-:::::::*
qualcomm	mdm9607_firmware	Affected: * cpe:2.3:o:qualcomm:mdm9607_firmware:-:::::::*
qualcomm	qca4004_firmware	Affected: * cpe:2.3:o:qualcomm:qca4004_firmware:-:::::::*
qualcomm	qca4020_firmware	Affected: * cpe:2.3:o:qualcomm:qca4020_firmware:-:::::::*
qualcomm	qca4024_firmware	Affected: * cpe:2.3:o:qualcomm:qca4024_firmware:-:::::::*
qualcomm	qcs405_firmware	Affected: * cpe:2.3:o:qualcomm:qcs405_firmware:-:::::::*
qualcomm	qts110_firmware	Affected: * cpe:2.3:o:qualcomm:qts110_firmware:-:::::::*
qualcomm	ssg2115p_firmware	Affected: * cpe:2.3:o:qualcomm:ssg2115p_firmware:-:::::::*
qualcomm	ssg2125p_firmware	Affected: * cpe:2.3:o:qualcomm:ssg2125p_firmware:-:::::::*
qualcomm	sxr1230p_firmware	Affected: * cpe:2.3:o:qualcomm:sxr1230p_firmware:-:::::::*
qualcomm	sxr2230p_firmware	Affected: * cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::*
qualcomm	wcd9306_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9306_firmware:-:::::::*
qualcomm	wcd9330_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9330_firmware:-:::::::*
qualcomm	wcd9335_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9335_firmware:-:::::::*
qualcomm	wcd9380_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9385_firmware	Affected: * cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*
qualcomm	wcn3980_firmware	Affected: * cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::*
qualcomm	wcn3999_firmware	Affected: * cpe:2.3:o:qualcomm:wcn3999_firmware:-:::::::*
qualcomm	wcn6855_firmware	Affected: * cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
qualcomm	wcn6856_firmware	Affected: * cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::*
qualcomm	wcn7850_firmware	Affected: * cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::*
qualcomm	wcn7851_firmware	Affected: * cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::*
qualcomm	wsa8810_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*
qualcomm	wsa8815_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*
qualcomm	wsa8830_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8832_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::*
qualcomm	wsa8835_firmware	Affected: * cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8031_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6620_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6640_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9205_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9206_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9607_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4020_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs405_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9335_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3980_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3999_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6855_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6856_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7850_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7851_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25732",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T16:59:01.609070Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T16:59:11.939Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:43.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Voice \u0026 Music"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8031"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "MDM9205"
            },
            {
              "status": "affected",
              "version": "MDM9206"
            },
            {
              "status": "affected",
              "version": "MDM9207"
            },
            {
              "status": "affected",
              "version": "MDM9607"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4020"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCS405"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3999"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to buffer over read in dns client due to missing length check"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:31:37.935Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25732",
    "datePublished": "2023-02-09T06:58:18.950Z",
    "dateReserved": "2022-02-22T11:38:09.310Z",
    "dateUpdated": "2024-08-03T04:49:43.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25738 (GCVE-0-2022-25738)

Vulnerability from cvelistv5 – Published: 2023-02-09 06:58 – Updated: 2024-08-03 04:49

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem due to buffer over-red while performing checksum of packet received

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8031 Affected: CSRA6620 Affected: CSRA6640 Affected: MDM8207 Affected: MDM9205 Affected: MDM9206 Affected: MDM9207 Affected: MDM9607 Affected: QCA4004 Affected: QCA4010 Affected: QCA4020 Affected: QCA4024 Affected: QCS405 Affected: QTS110 Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9335 Affected: WCD9380 Affected: WCD9385 Affected: WCN3980 Affected: WCN3998 Affected: WCN3999 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:43.123Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Voice \u0026 Music"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8031"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "MDM9205"
            },
            {
              "status": "affected",
              "version": "MDM9206"
            },
            {
              "status": "affected",
              "version": "MDM9207"
            },
            {
              "status": "affected",
              "version": "MDM9607"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4010"
            },
            {
              "status": "affected",
              "version": "QCA4020"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCS405"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN3999"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to buffer over-red while performing checksum of packet received"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:31:51.600Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25738",
    "datePublished": "2023-02-09T06:58:23.939Z",
    "dateReserved": "2022-02-22T11:38:09.312Z",
    "dateUpdated": "2024-08-03T04:49:43.123Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25747 (GCVE-0-2022-25747)

Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2025-02-11 14:22

Title

Buffer Over-read in MODEM

Summary

Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: 9205 LTE Modem Affected: 9206 LTE Modem Affected: 9207 LTE Modem Affected: MDM8207 Affected: QCA4004 Affected: QTS110 Affected: Snapdragon 1100 Wearable Platform Affected: Snapdragon 1200 Wearable Platform Affected: Snapdragon Wear 1300 Platform Affected: Snapdragon X5 LTE Modem Affected: WCD9306 Affected: WCD9330

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:43.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T14:22:39.175178Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T14:22:45.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "9205 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9206 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9207 LTE Modem"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1100 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1200 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 1300 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X5 LTE Modem"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:28:35.739Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25747",
    "datePublished": "2023-04-04T04:46:21.972Z",
    "dateReserved": "2022-02-22T11:38:09.317Z",
    "dateUpdated": "2025-02-11T14:22:45.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-3178 (GCVE-0-2022-3178)

Vulnerability from cvelistv5 – Published: 2022-09-12 16:30 – Updated: 2024-08-03 01:00

Title

Buffer Over-read in gpac/gpac

Summary

Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.

Severity

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-126 - Buffer Over-read

Assigner

@huntrdev

References

2 references

URL	Tags
https://huntr.dev/bounties/f022fc50-3dfd-450a-ab4…	x_refsource_CONFIRM
https://github.com/gpac/gpac/commit/7751077851680…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
gpac	gpac/gpac	Affected: unspecified , < 2.1.0-DEV (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:00:10.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/f022fc50-3dfd-450a-ab47-3d75d2bf44c0"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/gpac/gpac/commit/77510778516803b7f7402d7423c6d6bef50254c3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gpac/gpac",
          "vendor": "gpac",
          "versions": [
            {
              "lessThan": "2.1.0-DEV",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-12T16:30:12.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/f022fc50-3dfd-450a-ab47-3d75d2bf44c0"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/gpac/gpac/commit/77510778516803b7f7402d7423c6d6bef50254c3"
        }
      ],
      "source": {
        "advisory": "f022fc50-3dfd-450a-ab47-3d75d2bf44c0",
        "discovery": "EXTERNAL"
      },
      "title": "Buffer Over-read in gpac/gpac",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-3178",
          "STATE": "PUBLIC",
          "TITLE": "Buffer Over-read in gpac/gpac"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "gpac/gpac",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "2.1.0-DEV"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "gpac"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-126 Buffer Over-read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/f022fc50-3dfd-450a-ab47-3d75d2bf44c0",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/f022fc50-3dfd-450a-ab47-3d75d2bf44c0"
            },
            {
              "name": "https://github.com/gpac/gpac/commit/77510778516803b7f7402d7423c6d6bef50254c3",
              "refsource": "MISC",
              "url": "https://github.com/gpac/gpac/commit/77510778516803b7f7402d7423c6d6bef50254c3"
            }
          ]
        },
        "source": {
          "advisory": "f022fc50-3dfd-450a-ab47-3d75d2bf44c0",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-3178",
    "datePublished": "2022-09-12T16:30:12.000Z",
    "dateReserved": "2022-09-12T00:00:00.000Z",
    "dateUpdated": "2024-08-03T01:00:10.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-32141 (GCVE-0-2022-32141)

Vulnerability from cvelistv5 – Published: 2022-06-24 07:46 – Updated: 2024-09-16 17:27

Title

CODESYS runtime system prone to denial of service due to buffer over read

Summary

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-126 - Buffer Over-read

Assigner

CERTVDE

References

1 reference

URL	Tags
https://customers.codesys.com/index.php?eID=dumpF…	x_refsource_CONFIRM

Impacted products

2 products

Vendor	Product	Version
CODESYS	Runtime Toolkit	Affected: V2 , < V2.4.7.57 (custom)
CODESYS	PLCWinNT	Affected: V2 , < V2.4.7.57 (custom)

Date Public

2022-06-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:32:56.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32 bit"
          ],
          "product": "Runtime Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V2.4.7.57",
              "status": "affected",
              "version": "V2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "PLCWinNT",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V2.4.7.57",
              "status": "affected",
              "version": "V2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-06-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-24T07:46:26.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CODESYS runtime system prone to denial of service due to buffer over read",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2022-06-15T07:34:00.000Z",
          "ID": "CVE-2022-32141",
          "STATE": "PUBLIC",
          "TITLE": "CODESYS runtime system prone to denial of service due to buffer over read"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Runtime Toolkit",
                      "version": {
                        "version_data": [
                          {
                            "platform": "32 bit",
                            "version_affected": "\u003c",
                            "version_name": "V2",
                            "version_value": "V2.4.7.57"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PLCWinNT",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V2",
                            "version_value": "V2.4.7.57"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "CODESYS"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-126 Buffer Over-read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
              "refsource": "CONFIRM",
              "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2022-32141",
    "datePublished": "2022-06-24T07:46:26.865Z",
    "dateReserved": "2022-05-31T00:00:00.000Z",
    "dateUpdated": "2024-09-16T17:27:44.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-33220 (GCVE-0-2022-33220)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:23 – Updated: 2024-08-03 08:01

Title

Buffer over-read in Automotive multimedia

Summary

Information disclosure in Automotive multimedia due to buffer over-read.

Severity

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: QAM8295P Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCC5100 Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD 8 Gen1 5G Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 5G Affected: SDX55M Affected: SDXR2 5G Affected: SW5100 Affected: SW5100P Affected: WCD9341 Affected: WCD9380 Affected: WCD9385 Affected: WCN3980 Affected: WCN3988 Affected: WCN3998 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-33220",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T21:04:47.299164Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-11T21:05:02.055Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:01:20.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6390"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCC5100"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SD870"
            },
            {
              "status": "affected",
              "version": "SD888 5G"
            },
            {
              "status": "affected",
              "version": "SDX55M"
            },
            {
              "status": "affected",
              "version": "SDXR2 5G"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN6850"
            },
            {
              "status": "affected",
              "version": "WCN6851"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in Automotive multimedia due to buffer over-read."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:21:13.514Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Buffer over-read in Automotive multimedia"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-33220",
    "datePublished": "2023-09-05T06:23:46.847Z",
    "dateReserved": "2022-06-14T10:44:39.576Z",
    "dateUpdated": "2024-08-03T08:01:20.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page