CVE-2022-25727

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-25727
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
History

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-1284

18 Nov 2022, 04:58

Type Values Removed Values Added
CWE NVD-CWE-Other
References (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin - (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
CPE cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
First Time Qualcomm qcs405
Qualcomm qca4004
Qualcomm csra6620 Firmware
Qualcomm
Qualcomm csra6620
Qualcomm qca4024
Qualcomm qca4020 Firmware
Qualcomm qcs405 Firmware
Qualcomm qca4004 Firmware
Qualcomm mdm8207
Qualcomm wsa8810 Firmware
Qualcomm mdm9206
Qualcomm wcn3998 Firmware
Qualcomm wcn3980
Qualcomm wcd9306 Firmware
Qualcomm wcd9330 Firmware
Qualcomm ar8031 Firmware
Qualcomm qca4020
Qualcomm csra6640
Qualcomm wsa8815
Qualcomm mdm9205
Qualcomm wcn3999 Firmware
Qualcomm qca4010 Firmware
Qualcomm mdm9205 Firmware
Qualcomm csra6640 Firmware
Qualcomm wcd9330
Qualcomm mdm9207
Qualcomm wsa8810
Qualcomm wcd9335
Qualcomm mdm9207 Firmware
Qualcomm wcn3998
Qualcomm wcd9306
Qualcomm wcd9335 Firmware
Qualcomm qca4024 Firmware
Qualcomm ar8031
Qualcomm qca4010
Qualcomm mdm9206 Firmware
Qualcomm wcn3999
Qualcomm mdm9607
Qualcomm wcn3980 Firmware
Qualcomm mdm8207 Firmware
Qualcomm wsa8815 Firmware
Qualcomm mdm9607 Firmware

15 Nov 2022, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2022-11-15 10:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-25727

Mitre link : CVE-2022-25727

CVE.ORG link : CVE-2022-25727

JSON object : View

Products Affected

qualcomm

  • mdm8207
  • wcd9306_firmware
  • mdm9205
  • wcn3980
  • csra6620_firmware
  • mdm9607
  • mdm9206
  • wsa8815_firmware
  • qca4004_firmware
  • wcn3980_firmware
  • ar8031
  • mdm9207_firmware
  • qca4010_firmware
  • wcn3999
  • qcs405
  • wcn3999_firmware
  • ar8031_firmware
  • wcd9335
  • csra6620
  • wsa8810_firmware
  • qca4024
  • qca4020_firmware
  • qca4024_firmware
  • wsa8810
  • mdm9607_firmware
  • mdm9206_firmware
  • wcd9330_firmware
  • mdm9207
  • qcs405_firmware
  • qca4010
  • wsa8815
  • csra6640_firmware
  • wcd9306
  • wcd9335_firmware
  • wcn3998
  • qca4020
  • mdm8207_firmware
  • mdm9205_firmware
  • qca4004
  • wcn3998_firmware
  • wcd9330
  • csra6640
CWE
CWE-1284

Improper Validation of Specified Quantity in Input