gsd-2022-25726
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
Aliases
Aliases
{ "GSD": { "alias": "CVE-2022-25726", "id": "GSD-2022-25726" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-25726" ], "details": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet", "id": "GSD-2022-25726", "modified": "2023-12-13T01:19:27.411813Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2022-25726", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Snapdragon", "version": { "version_data": [ { "version_affected": "=", "version_value": "9205 LTE Modem" }, { "version_affected": "=", "version_value": "9206 LTE Modem" }, { "version_affected": "=", "version_value": "9207 LTE Modem" }, { "version_affected": "=", "version_value": "FastConnect 6900" }, { "version_affected": "=", "version_value": "FastConnect 7800" }, { "version_affected": "=", "version_value": "MDM8207" }, { "version_affected": "=", "version_value": "QCA4004" }, { "version_affected": "=", "version_value": "QTS110" }, { "version_affected": "=", "version_value": "Snapdragon 1100 Wearable Platform" }, { "version_affected": "=", "version_value": "Snapdragon 1200 Wearable Platform" }, { "version_affected": "=", "version_value": "Snapdragon AR2 Gen 1 Platform" }, { "version_affected": "=", "version_value": "Snapdragon Wear 1300 Platform" }, { "version_affected": "=", "version_value": "Snapdragon X5 LTE Modem" }, { "version_affected": "=", "version_value": "SSG2115P" }, { "version_affected": "=", "version_value": "SSG2125P" }, { "version_affected": "=", "version_value": "SXR1230P" }, { "version_affected": "=", "version_value": "SXR2230P" }, { "version_affected": "=", "version_value": "WCD9306" }, { "version_affected": "=", "version_value": "WCD9330" }, { "version_affected": "=", "version_value": "WCD9380" }, { "version_affected": "=", "version_value": "WCD9385" }, { "version_affected": "=", "version_value": "WSA8830" }, { "version_affected": "=", "version_value": "WSA8832" }, { "version_affected": "=", "version_value": "WSA8835" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet" } ] }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-126", "lang": "eng", "value": "CWE-126 Buffer Over-read" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin", "refsource": "MISC", "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CFD9663-D78A-45C0-A0E7-A4D5B98C9BF8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*", "matchCriteriaId": "38C02461-5207-401D-B97A-3E25E23C9B2B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A960B86A-C397-4ACB-AEE6-55F316D32949", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*", "matchCriteriaId": "D79B8959-3D1E-4B48-9181-D75FE90AAF98", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F30E5379-0AA7-44C4-99E7-99B63A6B49EC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*", "matchCriteriaId": "3676B953-5BC5-4AFF-A600-3DBFF01B31AD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A07C2049-B227-4849-85D0-B53D690C7697", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "88D2DB07-B72B-4D44-A373-0C7EAB35F388", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C41266FF-5555-4522-AD55-6A7CF8BA33D5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E9C428C-7470-4178-9029-3234086D93F1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE3BA789-3EC2-474D-BD5F-AD67BAE64413", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*", "matchCriteriaId": "5954E2E1-3A62-4601-8D7F-21B7B2D02370", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFB39496-8699-4DAF-BD7B-AE69260B20CB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9CFBC24-5F15-40DE-806E-62C1EE808992", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2D4B026-2118-448D-A48D-36864DE715B8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*", "matchCriteriaId": "5ED10480-E005-452C-A03C-D669CE94ABE4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "73CF3EE2-8933-43F6-945F-B5B01FF68DF1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "392986E3-9FB2-46F7-8420-6B0DC40E9912", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CDAADDF-3C85-4AA2-BDA9-23B6183E193C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EB85D1A-6586-4185-B56C-5C08C0A338AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8571A7EB-7BF1-4613-8CCB-667995115FC0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AE7E6EB-E3E7-45FB-AA7B-29937C21D116", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "312A5688-2508-4609-835F-F0957C511AE8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*", "matchCriteriaId": "ADD6DFCE-2D24-4A68-8B46-FB47ABEC6694", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC012AD0-BCEE-4B1E-9B15-5D77D78CEA01", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*", "matchCriteriaId": "F51C69B9-F0AB-4BF5-A8C2-64FEB7075593", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A3CF46D-E1CB-447E-8371-15C3F49B1AA9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*", "matchCriteriaId": "B74FDAF1-82D0-4136-BF97-25C56FCEE77C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "04EA12D4-24E2-4FE9-8CD6-06A8E36DEB2F", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AED978B-0330-4B9B-B662-AA8E9E621996", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "descriptions": [ { "lang": "en", "value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet" } ], "id": "CVE-2022-25726", "lastModified": "2024-04-12T17:15:56.810", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "product-security@qualcomm.com", "type": "Secondary" } ] }, "published": "2023-04-13T07:15:10.993", "references": [ { "source": "product-security@qualcomm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin" } ], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-126" } ], "source": "product-security@qualcomm.com", "type": "Secondary" } ] } } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.