7.5
CVE-2022-25737
- EPSS 0.3%
- Veröffentlicht 13.04.2023 07:15:12
- Zuletzt bearbeitet 21.11.2024 06:52:52
- Quelle product-security@qualcomm.com
- CVE-Watchlists
- Unerledigt
LoginUse of Uninitialized Variable in MODEM
Information disclosure in modem due to missing NULL check while reading packets received from local network
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Mdm8207 Firmware Version-
Qualcomm ≫ Mdm9205 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9207 Firmware Version-
Qualcomm ≫ Qca4004 Firmware Version-
Qualcomm ≫ Qts110 Firmware Version-
Qualcomm ≫ Snapdragon Wear 1100 Firmware Version-
Qualcomm ≫ Snapdragon Wear 1200 Firmware Version-
Qualcomm ≫ Snapdragon Wear 1300 Firmware Version-
Qualcomm ≫ Snapdragon X5 Lte Modem Firmware Version-
Qualcomm ≫ Wcd9306 Firmware Version-
Qualcomm ≫ Wcd9330 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.532 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| product-security@qualcomm.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-457 Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.