7.5

CVE-2022-40538

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommAr8035 Firmware Version-
   QualcommAr8035 Version-
QualcommWcn685x-5 Firmware Version-
   QualcommWcn685x-5 Version-
QualcommWcn685x-1 Firmware Version-
   QualcommWcn685x-1 Version-
QualcommWcn785x-1 Firmware Version-
   QualcommWcn785x-1 Version-
QualcommWcn785x-5 Firmware Version-
   QualcommWcn785x-5 Version-
QualcommQca8081 Firmware Version-
   QualcommQca8081 Version-
QualcommQca8337 Firmware Version-
   QualcommQca8337 Version-
QualcommQcn6024 Firmware Version-
   QualcommQcn6024 Version-
QualcommQcn9024 Firmware Version-
   QualcommQcn9024 Version-
QualcommQcs8550 Firmware Version-
   QualcommQcs8550 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.315
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
product-security@qualcomm.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.