VDB

CVE-2022-25732

CVE-2022-25732 PUBLISHED CVSS 8.2 HIGH

Reported by qualcomm · Published February 9, 2023

Information disclosure in modem due to buffer over read in dns client due to missing length check

Risk Scores

CVSS 3.1
8.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Products

VendorProductVersions
Qualcomm, Inc.SnapdragonAR8031, CSRA6620, CSRA6640
Qualcomm, Inc.Snapdragon*, AR8031, CSRA6620
qualcommsxr1230p_firmware*
qualcommwcd9385_firmware*
qualcommwsa8835_firmware*
qualcommsxr2230p_firmware*
qualcommwcn6856_firmware*
qualcommwcd9306_firmware*
qualcommqts110_firmware*
qualcommwcd9335_firmware*
qualcommmdm9207_firmware*
qualcommssg2125p_firmware*
qualcommwsa8810_firmware*
qualcommwsa8830_firmware*
qualcommcsra6640_firmware*
qualcommwsa8832_firmware*
qualcommmdm8207_firmware*
qualcommwcn3980_firmware*
qualcommssg2115p_firmware*
qualcommqca4024_firmware*

…and 15 more

Timeline

  • Feb 9, 2023 EPSS Score
  • Feb 9, 2023 CVE Published
  • Mar 7, 2023 EPSS Score
  • Mar 21, 2023 EPSS Score
  • Apr 30, 2023 EPSS Score
  • Jun 9, 2023 EPSS Score
  • Jul 18, 2023 EPSS Score
  • Aug 27, 2023 EPSS Score
  • Oct 6, 2023 EPSS Score
  • Nov 15, 2023 EPSS Score
  • Dec 25, 2023 EPSS Score
  • Feb 3, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›