V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2022-25678
CVE
Critical

Memory correction in modem due to buffer overwrite during coap connection

CVSS
9.8
Critical
EPSS
0.00
p33
Published
2022-01-01
Updated
2022-01-01
Description

Memory correction in modem due to buffer overwrite during coap connection

Tags · CWE
Pre-auth
CWE-120
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-67
CAPEC-92
CAPEC-100
Affected products
Mdm8207_firmwareMdm9205_firmwareMdm9206_firmwareMdm9207_firmwareQca4004_firmwareQts110_firmwareSnapdragon_wear_1100_firmwareSnapdragon_wear_1200_firmwareSnapdragon_wear_1300_firmwareSnapdragon_x5_lte_modem_firmwareWcd9306_firmwareWcd9330_firmware
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2022-01-01
Published
2022-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.004 · p33
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Qualcomm
Mdm9206Mdm9206 FirmwareWcd9330Wcd9330 FirmwareMdm9205Mdm9205 FirmwareWcd9306Wcd9306 FirmwareQca4004Qca4004 Firmware+14
ProductVendorStatus
mdm8207_firmware*Tracked
mdm9205_firmware*Tracked
mdm9206_firmware*Tracked
mdm9207_firmware*Tracked
qca4004_firmware*Tracked
qts110_firmware*Tracked
snapdragon_wear_1100_firmware*Tracked
snapdragon_wear_1200_firmware*Tracked
snapdragon_wear_1300_firmware*Tracked
snapdragon_x5_lte_modem_firmware*Tracked
wcd9306_firmware*Tracked
wcd9330_firmware*Tracked
Source databases
CVE