Search

Find a vulnerability

Search criteria

    32 vulnerabilities found for snapdragon_wear_1200_firmware by qualcomm

    CVE-2022-33295 (GCVE-0-2022-33295)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.531Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:31.570Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33295",
        "datePublished": "2023-04-04T04:46:44.921Z",
        "dateReserved": "2022-06-14T10:44:39.611Z",
        "dateUpdated": "2024-08-03T08:01:20.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33294 (GCVE-0-2022-33294)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    NULL pointer dereference in Modem
    Summary
    Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:28.086Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "NULL pointer dereference in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33294",
        "datePublished": "2023-04-04T04:46:43.701Z",
        "dateReserved": "2022-06-14T10:44:39.611Z",
        "dateUpdated": "2024-08-03T08:01:20.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33259 (GCVE-0-2022-33259)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer copy without checking the size of input in Modem
    Summary
    Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
    CWE
    • CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.536Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:00.342Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer copy without checking the size of input in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33259",
        "datePublished": "2023-04-04T04:46:32.158Z",
        "dateReserved": "2022-06-14T10:44:39.591Z",
        "dateUpdated": "2024-08-03T08:01:20.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33258 (GCVE-0-2022-33258)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure due to buffer over-read in modem while reading configuration parameters.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T20:19:06.274943Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-11T20:19:12.228Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.522Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure due to buffer over-read in modem while reading configuration parameters."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:56.911Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33258",
        "datePublished": "2023-04-04T04:46:30.687Z",
        "dateReserved": "2022-06-14T10:44:39.591Z",
        "dateUpdated": "2024-08-03T08:01:20.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33228 (GCVE-0-2022-33228)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33228",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-05T16:42:57.647678Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T16:43:08.934Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.412Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:49.546Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33228",
        "datePublished": "2023-04-04T04:46:27.647Z",
        "dateReserved": "2022-06-14T10:44:39.578Z",
        "dateUpdated": "2024-08-03T08:01:20.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33223 (GCVE-0-2022-33223)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Null pointer dereference in Modem
    Summary
    Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:46.066Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Null pointer dereference in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33223",
        "datePublished": "2023-04-04T04:46:26.078Z",
        "dateReserved": "2022-06-14T10:44:39.577Z",
        "dateUpdated": "2024-08-03T08:01:20.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33222 (GCVE-0-2022-33222)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.355Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure due to buffer over-read while parsing DNS response packets in Modem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:42.632Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33222",
        "datePublished": "2023-04-04T04:46:24.575Z",
        "dateReserved": "2022-06-14T10:44:39.577Z",
        "dateUpdated": "2024-08-03T08:01:20.355Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33211 (GCVE-0-2022-33211)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Improper Input Validation in MODEM
    Summary
    memory corruption in modem due to improper check while calculating size of serialized CoAP message
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33211",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:06:24.893473Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:08:30.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "memory corruption in modem due to improper check while calculating size of serialized CoAP message"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:39.182Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Improper Input Validation in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33211",
        "datePublished": "2023-04-04T04:46:23.347Z",
        "dateReserved": "2022-06-14T10:44:39.573Z",
        "dateUpdated": "2024-08-03T08:01:20.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25747 (GCVE-0-2022-25747)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2025-02-11 14:22
    VLAI
    Title
    Buffer Over-read in MODEM
    Summary
    Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.163Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25747",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-11T14:22:39.175178Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-11T14:22:45.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:35.739Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Over-read in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25747",
        "datePublished": "2023-04-04T04:46:21.972Z",
        "dateReserved": "2022-02-22T11:38:09.317Z",
        "dateUpdated": "2025-02-11T14:22:45.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25740 (GCVE-0-2022-25740)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Buffer Copy Without Checking Size of Input in MODEM
    Summary
    Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25740",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:10:31.690045Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:10:37.509Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.186Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:28.852Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Copy Without Checking Size of Input in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25740",
        "datePublished": "2023-04-04T04:46:19.314Z",
        "dateReserved": "2022-02-22T11:38:09.313Z",
        "dateUpdated": "2024-08-03T04:49:43.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25739 (GCVE-0-2022-25739)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Null Point Dereference in MODEM
    Summary
    Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon AR2 Gen 1 Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: SSG2115P
    Affected: SSG2125P
    Affected: SXR1230P
    Affected: SXR2230P
    Affected: WCD9306
    Affected: WCD9330
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_6900_firmware Affected: *
        cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_7800_firmware Affected: *
        cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_ar2_gen_1_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2115p_firmware Affected: *
        cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2125p_firmware Affected: *
        cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr1230p_firmware Affected: *
        cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr2230p_firmware Affected: *
        cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9380_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9385_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8830_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8832_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8835_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_6900_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_7800_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_ar2_gen_1_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2115p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2125p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr1230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr2230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9380_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9385_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8830_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8832_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25739",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:11:14.969354Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:11:32.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.196Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR2 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "SSG2115P"
                },
                {
                  "status": "affected",
                  "version": "SSG2125P"
                },
                {
                  "status": "affected",
                  "version": "SXR1230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:25.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Null Point Dereference in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25739",
        "datePublished": "2023-04-04T04:46:17.961Z",
        "dateReserved": "2022-02-22T11:38:09.313Z",
        "dateUpdated": "2024-08-03T04:49:43.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25737 (GCVE-0-2022-25737)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Use of Uninitialized Variable in MODEM
    Summary
    Information disclosure in modem due to missing NULL check while reading packets received from local network
    CWE
    • CWE-457 - Use of Uninitialized Variable
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.201Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to missing NULL check  while reading packets received from local network"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-457",
                  "description": "CWE-457 Use of Uninitialized Variable",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:22.075Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Use of Uninitialized Variable in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25737",
        "datePublished": "2023-04-04T04:46:16.687Z",
        "dateReserved": "2022-02-22T11:38:09.312Z",
        "dateUpdated": "2024-08-03T04:49:43.201Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25731 (GCVE-0-2022-25731)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Incorrect Calculation of Buffer Size in MODEM
    Summary
    Information disclosure in modem due to buffer over-read while processing packets from DNS server
    CWE
    • CWE-131 - Incorrect Calculation of Buffer Size
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.141Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to buffer over-read while processing packets from DNS server"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-131",
                  "description": "CWE-131 Incorrect Calculation of Buffer Size",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:18.696Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Incorrect Calculation of Buffer Size in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25731",
        "datePublished": "2023-04-04T04:46:15.237Z",
        "dateReserved": "2022-02-22T11:38:09.310Z",
        "dateUpdated": "2024-08-03T04:49:43.141Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25730 (GCVE-0-2022-25730)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Buffer Over-read in MODEM
    Summary
    Information disclosure in modem due to improper check of IP type while processing DNS server query
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon AR2 Gen 1 Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: SSG2115P
    Affected: SSG2125P
    Affected: SXR1230P
    Affected: SXR2230P
    Affected: WCD9306
    Affected: WCD9330
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9205_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_6900 Affected: -
        cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_7800 Affected: -
        cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207 Affected: -
        cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004 Affected: -
        cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4010 Affected: -
        cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110 Affected: -
        cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_ar2_gen1_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_firmware Affected: -
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2115p Affected: -
        cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2125p Affected: -
        cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr1230p Affected: -
        cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr2230p Affected: -
        cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306 Affected: -
        cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330 Affected: -
        cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9380 Affected: -
        cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9385 Affected: -
        cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8830 Affected: -
        cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8832 Affected: -
        cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8835 Affected: -
        cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_6900",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_7800",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4010",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_ar2_gen1_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2115p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2125p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr1230p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr2230p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9380",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9385",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8830",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8832",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8835",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25730",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-19T16:03:34.222184Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:15:35.279Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:42.831Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR2 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "SSG2115P"
                },
                {
                  "status": "affected",
                  "version": "SSG2125P"
                },
                {
                  "status": "affected",
                  "version": "SXR1230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to improper check of IP type while processing DNS server query"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:15.247Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Over-read in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25730",
        "datePublished": "2023-04-04T04:46:13.925Z",
        "dateReserved": "2022-02-22T11:38:09.309Z",
        "dateUpdated": "2024-08-03T04:49:42.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25726 (GCVE-0-2022-25726)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Buffer Over-read in MODEM
    Summary
    Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon AR2 Gen 1 Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: SSG2115P
    Affected: SSG2125P
    Affected: SXR1230P
    Affected: SXR2230P
    Affected: WCD9306
    Affected: WCD9330
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_6900_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_7800_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_ar2_gen_1_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2115p_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2125p_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr1230p_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr2230p_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9380_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9385_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8830_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8832_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8835_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_6900_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_7800_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_ar2_gen_1_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2115p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2125p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr1230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr2230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9380_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9385_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8830_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8832_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25726",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T21:14:37.241171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-11T21:14:43.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:42.739Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR2 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "SSG2115P"
                },
                {
                  "status": "affected",
                  "version": "SSG2125P"
                },
                {
                  "status": "affected",
                  "version": "SXR1230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:11.840Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Over-read in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25726",
        "datePublished": "2023-04-04T04:46:12.603Z",
        "dateReserved": "2022-02-22T11:38:09.302Z",
        "dateUpdated": "2024-08-03T04:49:42.739Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25678 (GCVE-0-2022-25678)

    Vulnerability from nvd – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:42
    VLAI
    Title
    Buffer Copy Without Checking Size of Input in MODEM
    Summary
    Memory correction in modem due to buffer overwrite during coap connection
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25678",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-05T16:30:49.822230Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T16:31:06.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory correction in modem due to buffer overwrite during coap connection"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:08.390Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Copy Without Checking Size of Input in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25678",
        "datePublished": "2023-04-04T04:46:11.198Z",
        "dateReserved": "2022-02-22T11:38:09.283Z",
        "dateUpdated": "2024-08-03T04:42:50.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33295 (GCVE-0-2022-33295)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.531Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:31.570Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33295",
        "datePublished": "2023-04-04T04:46:44.921Z",
        "dateReserved": "2022-06-14T10:44:39.611Z",
        "dateUpdated": "2024-08-03T08:01:20.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33294 (GCVE-0-2022-33294)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    NULL pointer dereference in Modem
    Summary
    Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:28.086Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "NULL pointer dereference in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33294",
        "datePublished": "2023-04-04T04:46:43.701Z",
        "dateReserved": "2022-06-14T10:44:39.611Z",
        "dateUpdated": "2024-08-03T08:01:20.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33259 (GCVE-0-2022-33259)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer copy without checking the size of input in Modem
    Summary
    Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
    CWE
    • CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.536Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:29:00.342Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer copy without checking the size of input in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33259",
        "datePublished": "2023-04-04T04:46:32.158Z",
        "dateReserved": "2022-06-14T10:44:39.591Z",
        "dateUpdated": "2024-08-03T08:01:20.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33258 (GCVE-0-2022-33258)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure due to buffer over-read in modem while reading configuration parameters.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T20:19:06.274943Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-11T20:19:12.228Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.522Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure due to buffer over-read in modem while reading configuration parameters."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:56.911Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33258",
        "datePublished": "2023-04-04T04:46:30.687Z",
        "dateReserved": "2022-06-14T10:44:39.591Z",
        "dateUpdated": "2024-08-03T08:01:20.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33228 (GCVE-0-2022-33228)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33228",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-05T16:42:57.647678Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T16:43:08.934Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.412Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:49.546Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33228",
        "datePublished": "2023-04-04T04:46:27.647Z",
        "dateReserved": "2022-06-14T10:44:39.578Z",
        "dateUpdated": "2024-08-03T08:01:20.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33223 (GCVE-0-2022-33223)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Null pointer dereference in Modem
    Summary
    Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:46.066Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Null pointer dereference in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33223",
        "datePublished": "2023-04-04T04:46:26.078Z",
        "dateReserved": "2022-06-14T10:44:39.577Z",
        "dateUpdated": "2024-08-03T08:01:20.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33222 (GCVE-0-2022-33222)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Buffer over-read in Modem
    Summary
    Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.355Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure due to buffer over-read while parsing DNS response packets in Modem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:42.632Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer over-read in Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33222",
        "datePublished": "2023-04-04T04:46:24.575Z",
        "dateReserved": "2022-06-14T10:44:39.577Z",
        "dateUpdated": "2024-08-03T08:01:20.355Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33211 (GCVE-0-2022-33211)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 08:01
    VLAI
    Title
    Improper Input Validation in MODEM
    Summary
    memory corruption in modem due to improper check while calculating size of serialized CoAP message
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33211",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:06:24.893473Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:08:30.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "memory corruption in modem due to improper check while calculating size of serialized CoAP message"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:39.182Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Improper Input Validation in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33211",
        "datePublished": "2023-04-04T04:46:23.347Z",
        "dateReserved": "2022-06-14T10:44:39.573Z",
        "dateUpdated": "2024-08-03T08:01:20.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25747 (GCVE-0-2022-25747)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2025-02-11 14:22
    VLAI
    Title
    Buffer Over-read in MODEM
    Summary
    Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.163Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25747",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-11T14:22:39.175178Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-11T14:22:45.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:35.739Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Over-read in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25747",
        "datePublished": "2023-04-04T04:46:21.972Z",
        "dateReserved": "2022-02-22T11:38:09.317Z",
        "dateUpdated": "2025-02-11T14:22:45.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25740 (GCVE-0-2022-25740)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Buffer Copy Without Checking Size of Input in MODEM
    Summary
    Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25740",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:10:31.690045Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:10:37.509Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.186Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:28.852Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Copy Without Checking Size of Input in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25740",
        "datePublished": "2023-04-04T04:46:19.314Z",
        "dateReserved": "2022-02-22T11:38:09.313Z",
        "dateUpdated": "2024-08-03T04:49:43.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25739 (GCVE-0-2022-25739)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Null Point Dereference in MODEM
    Summary
    Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon AR2 Gen 1 Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: SSG2115P
    Affected: SSG2125P
    Affected: SXR1230P
    Affected: SXR2230P
    Affected: WCD9306
    Affected: WCD9330
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Create a notification for this product.
    qualcomm 9205_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_6900_firmware Affected: *
        cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_7800_firmware Affected: *
        cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207_firmware Affected: *
        cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004_firmware Affected: *
        cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110_firmware Affected: *
        cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_ar2_gen_1_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_modem_firmware Affected: *
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2115p_firmware Affected: *
        cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2125p_firmware Affected: *
        cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr1230p_firmware Affected: *
        cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr2230p_firmware Affected: *
        cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9380_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9385_firmware Affected: *
        cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8830_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8832_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8835_firmware Affected: *
        cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_6900_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_7800_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_ar2_gen_1_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_modem_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2115p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2125p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr1230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr2230p_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9380_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9385_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8830_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8832_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25739",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:11:14.969354Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:11:32.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.196Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR2 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "SSG2115P"
                },
                {
                  "status": "affected",
                  "version": "SSG2125P"
                },
                {
                  "status": "affected",
                  "version": "SXR1230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:25.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Null Point Dereference in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25739",
        "datePublished": "2023-04-04T04:46:17.961Z",
        "dateReserved": "2022-02-22T11:38:09.313Z",
        "dateUpdated": "2024-08-03T04:49:43.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25737 (GCVE-0-2022-25737)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Use of Uninitialized Variable in MODEM
    Summary
    Information disclosure in modem due to missing NULL check while reading packets received from local network
    CWE
    • CWE-457 - Use of Uninitialized Variable
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.201Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to missing NULL check  while reading packets received from local network"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-457",
                  "description": "CWE-457 Use of Uninitialized Variable",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:22.075Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Use of Uninitialized Variable in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25737",
        "datePublished": "2023-04-04T04:46:16.687Z",
        "dateReserved": "2022-02-22T11:38:09.312Z",
        "dateUpdated": "2024-08-03T04:49:43.201Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25731 (GCVE-0-2022-25731)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Incorrect Calculation of Buffer Size in MODEM
    Summary
    Information disclosure in modem due to buffer over-read while processing packets from DNS server
    CWE
    • CWE-131 - Incorrect Calculation of Buffer Size
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: WCD9306
    Affected: WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.141Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to buffer over-read while processing packets from DNS server"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-131",
                  "description": "CWE-131 Incorrect Calculation of Buffer Size",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:18.696Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Incorrect Calculation of Buffer Size in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25731",
        "datePublished": "2023-04-04T04:46:15.237Z",
        "dateReserved": "2022-02-22T11:38:09.310Z",
        "dateUpdated": "2024-08-03T04:49:43.141Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25730 (GCVE-0-2022-25730)

    Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
    VLAI
    Title
    Buffer Over-read in MODEM
    Summary
    Information disclosure in modem due to improper check of IP type while processing DNS server query
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: MDM8207
    Affected: QCA4004
    Affected: QCA4010
    Affected: QTS110
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon AR2 Gen 1 Platform
    Affected: Snapdragon Wear 1300 Platform
    Affected: Snapdragon X5 LTE Modem
    Affected: SSG2115P
    Affected: SSG2125P
    Affected: SXR1230P
    Affected: SXR2230P
    Affected: WCD9306
    Affected: WCD9330
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Create a notification for this product.
    qualcomm snapdragon_1100_wearable_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_1200_wearable_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9205_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9206_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm 9207_lte_modem Affected: -
        cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_6900 Affected: -
        cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm fastconnect_7800 Affected: -
        cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm8207 Affected: -
        cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4004 Affected: -
        cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qca4010 Affected: -
        cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm qts110 Affected: -
        cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_ar2_gen1_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_wear_1300_platform Affected: -
        cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm snapdragon_x5_lte_firmware Affected: -
        cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2115p Affected: -
        cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm ssg2125p Affected: -
        cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr1230p Affected: -
        cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sxr2230p Affected: -
        cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9306 Affected: -
        cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9330 Affected: -
        cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9380 Affected: -
        cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wcd9385 Affected: -
        cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8830 Affected: -
        cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8832 Affected: -
        cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm wsa8835 Affected: -
        cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1100_wearable_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_1200_wearable_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9205_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9206_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "9207_lte_modem",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_6900",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fastconnect_7800",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm8207",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4004",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qca4010",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "qts110",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_ar2_gen1_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_wear_1300_platform",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "snapdragon_x5_lte_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2115p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ssg2125p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr1230p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sxr2230p",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9306",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9330",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9380",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wcd9385",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8830",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8832",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsa8835",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25730",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-19T16:03:34.222184Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:15:35.279Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:42.831Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "9205 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "QCA4004"
                },
                {
                  "status": "affected",
                  "version": "QCA4010"
                },
                {
                  "status": "affected",
                  "version": "QTS110"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR2 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Wear 1300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "SSG2115P"
                },
                {
                  "status": "affected",
                  "version": "SSG2125P"
                },
                {
                  "status": "affected",
                  "version": "SXR1230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure in modem due to improper check of IP type while processing DNS server query"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-12T16:28:15.247Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
            }
          ],
          "title": "Buffer Over-read in MODEM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25730",
        "datePublished": "2023-04-04T04:46:13.925Z",
        "dateReserved": "2022-02-22T11:38:09.309Z",
        "dateUpdated": "2024-08-03T04:49:42.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }