← Back

CVE-2022-25678

nvd nist
Published: Apr 13, 2023Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Memory correction in modem due to buffer overwrite during coap connection

Affected (12)

Qualcomm
12 products
Mdm8207 Firmware
Mdm9205 Firmware
Mdm9206 Firmware
Mdm9207 Firmware
Qca4004 Firmware
Qts110 Firmware
Snapdragon Wear 1100 Firmware
Snapdragon Wear 1200 Firmware
Snapdragon Wear 1300 Firmware
Snapdragon X5 Lte Modem Firmware
Wcd9306 Firmware
Wcd9330 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm8207 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm8207
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9205 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9205
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9206 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9206
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9207 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9207
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca4004 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca4004
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qts110 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qts110
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Snapdragon Wear 1100 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Snapdragon Wear 1100
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Snapdragon Wear 1200 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Snapdragon Wear 1200
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Snapdragon Wear 1300 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Snapdragon Wear 1300
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Snapdragon X5 Lte Modem Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Snapdragon X5 Lte Modem
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcd9306 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcd9306
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcd9330 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcd9330
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: product-security@qualcomm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.