6.8

CVE-2022-33221

Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification requests.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommSd 8 Gen1 5g Firmware Version-
   QualcommSm8475 Version-
QualcommSsg2115p Firmware Version-
   QualcommSsg2115p Version-
QualcommSsg2125p Firmware Version-
   QualcommSsg2125p Version-
QualcommSxr1230p Firmware Version-
   QualcommSxr1230p Version-
QualcommSxr2230p Firmware Version-
   QualcommSxr2230p Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn6855 Firmware Version-
   QualcommWcn6855 Version-
QualcommWcn6856 Firmware Version-
   QualcommWcn6856 Version-
QualcommWcn7850 Firmware Version-
   QualcommWcn7850 Version-
QualcommWcn7851 Firmware Version-
   QualcommWcn7851 Version-
QualcommWsa8830 Firmware Version-
   QualcommWsa8830 Version-
QualcommWsa8832 Firmware Version-
   QualcommWsa8832 Version-
QualcommWsa8835 Firmware Version-
   QualcommWsa8835 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.049
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
product-security@qualcomm.com 6.8 2.5 4.2
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-126 Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.