CVE-2022-25729

EPSS 0.14%
Veröffentlicht 12.02.2023 04:15:13
Zuletzt bearbeitet 21.11.2024 06:52:50
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption in modem due to improper length check while copying into memory

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Ar8031 Firmware Version-

Qualcomm ≫ Ar8031 Version-

Qualcomm ≫ Csra6620 Firmware Version-

Qualcomm ≫ Csra6620 Version-

Qualcomm ≫ Csra6640 Firmware Version-

Qualcomm ≫ Csra6640 Version-

Qualcomm ≫ Mdm9205 Firmware Version-

Qualcomm ≫ Mdm9205 Version-

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Qca4004 Firmware Version-

Qualcomm ≫ Qca4004 Version-

Qualcomm ≫ Qca4020 Firmware Version-

Qualcomm ≫ Qca4020 Version-

Qualcomm ≫ Qca4024 Firmware Version-

Qualcomm ≫ Qca4024 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qts110 Firmware Version-

Qualcomm ≫ Qts110 Version-

Qualcomm ≫ Ssg2115p Firmware Version-

Qualcomm ≫ Ssg2115p Version-

Qualcomm ≫ Ssg2125p Firmware Version-

Qualcomm ≫ Ssg2125p Version-

Qualcomm ≫ Sxr1230p Firmware Version-

Qualcomm ≫ Sxr1230p Version-

Qualcomm ≫ Sxr2230p Firmware Version-

Qualcomm ≫ Sxr2230p Version-

Qualcomm ≫ Wcd9306 Firmware Version-

Qualcomm ≫ Wcd9306 Version-

Qualcomm ≫ Wcd9335 Firmware Version-

Qualcomm ≫ Wcd9335 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn3999 Firmware Version-

Qualcomm ≫ Wcn3999 Version-

Qualcomm ≫ Wcn6855 Firmware Version-

Qualcomm ≫ Wcn6855 Version-

Qualcomm ≫ Wcn6856 Firmware Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wcn7850 Firmware Version-

Qualcomm ≫ Wcn7850 Version-

Qualcomm ≫ Wcn7851 Firmware Version-

Qualcomm ≫ Wcn7851 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8832 Firmware Version-

Qualcomm ≫ Wsa8832 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.312

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-25729

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-25729

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-25729

EUVD