ID
VAR-202209-0273
CVE
CVE-2022-25653
TITLE
Out-of-bounds read vulnerability in multiple Qualcomm products
Trust: 0.8
sources:
JVNDB: JVNDB-2022-017071
DESCRIPTION
Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. APQ8053 firmware, AQT1000 firmware, MSM8953 Multiple Qualcomm products, such as firmware, contain an out-of-bounds read vulnerability.Information may be obtained
Trust: 1.71
sources:
NVD: CVE-2022-25653 //
JVNDB: JVNDB-2022-017071 //
VULMON: CVE-2022-25653
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | qcs603 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6850 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd675 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd765g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd780g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn7850 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6391 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd678 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd680 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3998 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wsa8810 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd429 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9385 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm6250 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9375 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm7250p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm7325p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3680b | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3615 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6851 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | apq8053 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs410 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd765 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6426 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9335 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wsa8815 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs605 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | aqt1000 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3991 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdxr2 5g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs610 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdm429w | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcm4290 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sw5100p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3620 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd750g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdx50m | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm4125 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wsa8832 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd870 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9341 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wsa8830 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9326 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3980 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs4290 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn7851 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9370 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3680 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd695 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8953 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd662 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd855 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3660b | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6855 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm7450 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wsa8835 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6420 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcd9380 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcm6490 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6856 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3990 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm7315 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qualcomm215 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd480 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3950 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm8475p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd665 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd888 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd460 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd865 5g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdx55m | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd690 5g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3988 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd730 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd888 5g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn3910 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 8 gen1 5g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd778g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6750 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs6490 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | wcn6740 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd720g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sw5100 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6436 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6390 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sm8475 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 675 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdx55 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd768g | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6430 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | クアルコム | model: | qca6420 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sd 675 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6430 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcm4290 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | apq8053 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs6490 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | msm8953 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs4290 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs410 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qualcomm215 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs610 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6426 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6436 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6391 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs605 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sd 8 gen1 5g | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcm6490 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | aqt1000 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6390 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qcs603 | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-017071 //
NVD: CVE-2022-25653
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-017071 //
CNNVD: CNNVD-202209-238 //
NVD: CVE-2022-25653 //
NVD: CVE-2022-25653
PROBLEMTYPE DATA
| problemtype: | CWE-125 | Trust: 1.0 |
| problemtype: | Out-of-bounds read (CWE-125) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-017071 //
NVD: CVE-2022-25653
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202209-238
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202209-238
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-25653 | Trust: 3.3 |
| db: | JVNDB | id: | JVNDB-2022-017071 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202209-238 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2022-25653 | Trust: 0.1 |
sources:
VULMON: CVE-2022-25653 //
JVNDB: JVNDB-2022-017071 //
CNNVD: CNNVD-202209-238 //
NVD: CVE-2022-25653
REFERENCES
| url: | https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-25653 | Trust: 0.8 |
| url: | https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2022-39200 | Trust: 0.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-25653/ | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULMON: CVE-2022-25653 //
JVNDB: JVNDB-2022-017071 //
CNNVD: CNNVD-202209-238 //
NVD: CVE-2022-25653
SOURCES
| db: | VULMON | id: | CVE-2022-25653 |
| db: | JVNDB | id: | JVNDB-2022-017071 |
| db: | CNNVD | id: | CNNVD-202209-238 |
| db: | NVD | id: | CVE-2022-25653 |
LAST UPDATE DATE
2024-08-14T14:49:38.780000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2022-25653 | date: | 2022-09-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-017071 | date: | 2023-10-10T08:22:00 |
| db: | CNNVD | id: | CNNVD-202209-238 | date: | 2022-09-20T00:00:00 |
| db: | NVD | id: | CVE-2022-25653 | date: | 2023-04-19T17:10:55.030 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2022-25653 | date: | 2022-09-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-017071 | date: | 2023-10-10T00:00:00 |
| db: | CNNVD | id: | CNNVD-202209-238 | date: | 2022-09-06T00:00:00 |
| db: | NVD | id: | CVE-2022-25653 | date: | 2022-09-16T06:15:10.620 |