CVE-2022-25712

EPSS 0.04%
Published 13.12.2022 16:15:18
Last modified 22.04.2025 16:15:26
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Mdm9150 Firmware Version-

Qualcomm ≫ Mdm9150 Version-

Qualcomm ≫ Qca6310 Firmware Version-

Qualcomm ≫ Qca6310 Version-

Qualcomm ≫ Qca6335 Firmware Version-

Qualcomm ≫ Qca6335 Version-

Qualcomm ≫ Qca6390 Firmware Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6426 Firmware Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca6436 Firmware Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qcc5100 Firmware Version-

Qualcomm ≫ Qcc5100 Version-

Qualcomm ≫ Qcs410 Firmware Version-

Qualcomm ≫ Qcs410 Version-

Qualcomm ≫ Qcs610 Firmware Version-

Qualcomm ≫ Qcs610 Version-

Qualcomm ≫ Qualcomm215 Firmware Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Sd205 Firmware Version-

Qualcomm ≫ Sd205 Version-

Qualcomm ≫ Sd210 Firmware Version-

Qualcomm ≫ Sd210 Version-

Qualcomm ≫ Sd710 Firmware Version-

Qualcomm ≫ Sd710 Version-

Qualcomm ≫ Sd845 Firmware Version-

Qualcomm ≫ Sd845 Version-

Qualcomm ≫ Sd855 Firmware Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sd865 5g Firmware Version-

Qualcomm ≫ Sd865 5g Version-

Qualcomm ≫ Sd870 Firmware Version-

Qualcomm ≫ Sd870 Version-

Qualcomm ≫ Sda429w Firmware Version-

Qualcomm ≫ Sda429w Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdxr1 Firmware Version-

Qualcomm ≫ Sdxr1 Version-

Qualcomm ≫ Sdxr2 5g Firmware Version-

Qualcomm ≫ Sdxr2 5g Version-

Qualcomm ≫ Sw5100 Firmware Version-

Qualcomm ≫ Sw5100 Version-

Qualcomm ≫ Sw5100p Firmware Version-

Qualcomm ≫ Sw5100p Version-

Qualcomm ≫ Wcd9326 Firmware Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcn3610 Firmware Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680b Firmware Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Firmware Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3990 Firmware Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn6850 Firmware Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Firmware Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.112

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-25712

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-25712

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-25712

EUVD