CVE-2022-33221

Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
qualcommCNA
6.8 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
qualcommsd_8_gen1_5g_firmware
-
qualcommssg2115p_firmware
-
qualcommssg2125p_firmware
-
qualcommsxr1230p_firmware
-
qualcommsxr2230p_firmware
-
qualcommwcd9380_firmware
-
qualcommwcd9385_firmware
-
qualcommwcn6855_firmware
-
qualcommwcn6856_firmware
-
qualcommwcn7850_firmware
-
qualcommwcn7851_firmware
-
qualcommwsa8830_firmware
-
qualcommwsa8832_firmware
-
qualcommwsa8835_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin