CVE-2022-44419

EUVD-2022-47362
In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
googleandroid
10.0
googleandroid
11.0
googleandroid
12.0
googleandroid
13.0
𝑥
= Vulnerable software versions
References
https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761
https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761