CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
qualcommCNA
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
VendorProductVersion
qualcomm9205_lte_modem_firmware
-
qualcomm9206_lte_modem_firmware
-
qualcomm9207_lte_modem_firmware
-
qualcommar8031_firmware
-
qualcommcsra6620_firmware
-
qualcommcsra6640_firmware
-
qualcommwcn3998_firmware
-
qualcommwcn685x-5_firmware
-
qualcommwcn685x-1_firmware
-
qualcommwcn785x-1_firmware
-
qualcommwcn785x-5_firmware
-
qualcommhome_hub_100_platform_firmware
-
qualcommmdm8207_firmware
-
qualcommqca4004_firmware
-
qualcommqca4010_firmware
-
qualcommqca4024_firmware
-
qualcommqts110_firmware
-
qualcommqcs400_firmware
-
qualcommsnapdragon_1100_wearable_platform_firmware
-
qualcommsnapdragon_1200_wearable_platform_firmware
-
qualcommsnapdragon_ar2_gen_1_platform_firmware
-
qualcommsnapdragon_wear_1300_platform_firmware
-
qualcommsnapdragon_x5_lte_modem_firmware
-
qualcommssg2115p_firmware
-
qualcommssg2125p_firmware
-
qualcommsxr1230p_firmware
-
qualcommsxr2230p_firmware
-
qualcommwcd9306_firmware
-
qualcommwcd9330_firmware
-
qualcommwcd9335_firmware
-
qualcommwcd9380_firmware
-
qualcommwcd9385_firmware
-
qualcommwcn3980_firmware
-
qualcommwcn3999_firmware
-
qualcommwsa8810_firmware
-
qualcommwsa8815_firmware
-
qualcommwsa8830_firmware
-
qualcommwsa8832_firmware
-
qualcommwsa8835_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin