← Voltar para CVEs
CVE-2022-33291
HIGH8.2
Descricao
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
Detalhes CVE
Pontuacao CVSS v3.18.2
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado4/13/2023
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
qualcomm:9205_lte_modemqualcomm:9205_lte_modem_firmwarequalcomm:9206_lte_modemqualcomm:9206_lte_modem_firmwarequalcomm:9207_lte_modemqualcomm:9207_lte_modem_firmwarequalcomm:ar8031qualcomm:ar8031_firmwarequalcomm:csra6620qualcomm:csra6620_firmwarequalcomm:csra6640qualcomm:csra6640_firmwarequalcomm:home_hub_100_platformqualcomm:home_hub_100_platform_firmwarequalcomm:mdm8207qualcomm:mdm8207_firmwarequalcomm:qca4004qualcomm:qca4004_firmwarequalcomm:qca4010qualcomm:qca4010_firmwarequalcomm:qca4024qualcomm:qca4024_firmwarequalcomm:qcs400qualcomm:qcs400_firmwarequalcomm:qts110qualcomm:qts110_firmwarequalcomm:snapdragon_1100_wearable_platformqualcomm:snapdragon_1100_wearable_platform_firmwarequalcomm:snapdragon_1200_wearable_platformqualcomm:snapdragon_1200_wearable_platform_firmwarequalcomm:snapdragon_ar2_gen_1_platformqualcomm:snapdragon_ar2_gen_1_platform_firmwarequalcomm:snapdragon_wear_1300_platformqualcomm:snapdragon_wear_1300_platform_firmwarequalcomm:snapdragon_x5_lte_modemqualcomm:snapdragon_x5_lte_modem_firmwarequalcomm:ssg2115pqualcomm:ssg2115p_firmwarequalcomm:ssg2125pqualcomm:ssg2125p_firmwarequalcomm:sxr1230pqualcomm:sxr1230p_firmwarequalcomm:sxr2230pqualcomm:sxr2230p_firmwarequalcomm:wcd9306qualcomm:wcd9306_firmwarequalcomm:wcd9330qualcomm:wcd9330_firmwarequalcomm:wcd9335qualcomm:wcd9335_firmwarequalcomm:wcd9380qualcomm:wcd9380_firmwarequalcomm:wcd9385qualcomm:wcd9385_firmwarequalcomm:wcn3980qualcomm:wcn3980_firmwarequalcomm:wcn3998qualcomm:wcn3998_firmwarequalcomm:wcn3999qualcomm:wcn3999_firmwarequalcomm:wcn685x-1qualcomm:wcn685x-1_firmwarequalcomm:wcn685x-5qualcomm:wcn685x-5_firmwarequalcomm:wcn785x-1qualcomm:wcn785x-1_firmwarequalcomm:wcn785x-5qualcomm:wcn785x-5_firmwarequalcomm:wsa8810qualcomm:wsa8810_firmwarequalcomm:wsa8815qualcomm:wsa8815_firmwarequalcomm:wsa8830qualcomm:wsa8830_firmwarequalcomm:wsa8832qualcomm:wsa8832_firmwarequalcomm:wsa8835qualcomm:wsa8835_firmware
Fraquezas (CWE)
CWE-126CWE-125
Referencias
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.