CVE-2022-25726

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-25726
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet

8.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*
History

21 Nov 2024, 06:52

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : 8.2
References () https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin - Vendor Advisory

20 Apr 2023, 22:27

Type Values Removed Values Added
CPE cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin - Vendor Advisory
First Time Qualcomm sxr2230p
Qualcomm ssg2125p
Qualcomm wcd9330 Firmware
Qualcomm wcd9380
Qualcomm wsa8835
Qualcomm wcn785x-1
Qualcomm qca4004 Firmware
Qualcomm snapdragon Ar2 Gen 1 Platform
Qualcomm wsa8830
Qualcomm snapdragon Wear 1300 Firmware
Qualcomm mdm9207
Qualcomm mdm9205
Qualcomm snapdragon Wear 1200
Qualcomm wcd9385 Firmware
Qualcomm wsa8832
Qualcomm wcd9330
Qualcomm wcn785x-5 Firmware
Qualcomm wcd9306
Qualcomm wcn685x-1 Firmware
Qualcomm snapdragon Wear 1200 Firmware
Qualcomm wcd9385
Qualcomm
Qualcomm snapdragon Wear 1100
Qualcomm wcn685x-5
Qualcomm qca4004
Qualcomm wcn785x-1 Firmware
Qualcomm snapdragon X5 Lte Modem Firmware
Qualcomm snapdragon Wear 1100 Firmware
Qualcomm wcn685x-1
Qualcomm mdm9206 Firmware
Qualcomm mdm9206
Qualcomm sxr1230p
Qualcomm sxr2230p Firmware
Qualcomm snapdragon X5 Lte Modem
Qualcomm wsa8832 Firmware
Qualcomm mdm8207
Qualcomm wsa8830 Firmware
Qualcomm ssg2115p Firmware
Qualcomm wcn685x-5 Firmware
Qualcomm wcn785x-5
Qualcomm qts110 Firmware
Qualcomm mdm9205 Firmware
Qualcomm sxr1230p Firmware
Qualcomm snapdragon Ar2 Gen 1 Platform Firmware
Qualcomm ssg2125p Firmware
Qualcomm wsa8835 Firmware
Qualcomm qts110
Qualcomm wcd9306 Firmware
Qualcomm mdm8207 Firmware
Qualcomm ssg2115p
Qualcomm snapdragon Wear 1300
Qualcomm mdm9207 Firmware
Qualcomm wcd9380 Firmware
CWE CWE-125

13 Apr 2023, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-04-13 07:15

Updated : 2024-11-21 06:52

NVD link : CVE-2022-25726

Mitre link : CVE-2022-25726

CVE.ORG link : CVE-2022-25726

JSON object : View

Products Affected

qualcomm

  • wsa8830_firmware
  • mdm9206_firmware
  • wcd9330
  • snapdragon_ar2_gen_1_platform_firmware
  • wcd9385
  • wsa8832
  • snapdragon_wear_1200_firmware
  • mdm9205_firmware
  • snapdragon_ar2_gen_1_platform
  • ssg2115p
  • snapdragon_wear_1200
  • sxr2230p
  • qca4004
  • sxr1230p_firmware
  • wcn785x-5
  • mdm9207
  • mdm9206
  • sxr1230p
  • wcd9330_firmware
  • wcn685x-1_firmware
  • wsa8835_firmware
  • wcd9380_firmware
  • wcn685x-1
  • wcd9385_firmware
  • qca4004_firmware
  • wcn785x-1_firmware
  • wcd9306
  • wsa8830
  • wcn685x-5
  • qts110_firmware
  • wcd9380
  • wcn785x-5_firmware
  • wcn685x-5_firmware
  • mdm9205
  • wsa8832_firmware
  • wcn785x-1
  • ssg2125p
  • sxr2230p_firmware
  • snapdragon_x5_lte_modem_firmware
  • snapdragon_wear_1100_firmware
  • snapdragon_wear_1100
  • snapdragon_x5_lte_modem
  • mdm8207_firmware
  • snapdragon_wear_1300_firmware
  • ssg2115p_firmware
  • qts110
  • mdm9207_firmware
  • wcd9306_firmware
  • wsa8835
  • snapdragon_wear_1300
  • mdm8207
  • ssg2125p_firmware
CWE
CWE-126

Buffer Over-read

CWE-125

Out-of-bounds Read