ID

VAR-202303-0115


CVE

CVE-2022-25705


TITLE

Integer overflow vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2022-020811

DESCRIPTION

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response. APQ8009 firmware, APQ8009W firmware, APQ8017 Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-25705 // JVNDB: JVNDB-2022-020811 // VULMON: CVE-2022-25705

AFFECTED PRODUCTS

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8956scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd821scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx70mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx20scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9230scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9206scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8108scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976sgscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd845scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs603scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcx315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx57mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx12scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs405scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9607scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx65scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx24scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9628scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cx gen2scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sc8180x\+sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd625scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9379scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9306scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8076scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sg4150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd695scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd712scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qts110scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8208scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd820scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8056scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8952scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd626scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8608scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8037scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8940scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9655scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9367scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 4 gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 636scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw2500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8209scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8920scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd7cscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 455scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca4004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw8573scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet4101scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:mdm9230scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6620scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8076scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9205scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9150scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9207scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8052scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8037scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9250scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm8207scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8056scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9206scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020811 // NVD: CVE-2022-25705

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-25705
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2022-25705
value: HIGH

Trust: 1.0

NVD: CVE-2022-25705
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202303-412
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-25705
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2022-25705
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020811 // CNNVD: CNNVD-202303-412 // NVD: CVE-2022-25705 // NVD: CVE-2022-25705

PROBLEMTYPE DATA

problemtype:CWE-680

Trust: 1.0

problemtype:CWE-190

Trust: 1.0

problemtype:Integer overflow or wraparound (CWE-190) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-020811 // NVD: CVE-2022-25705

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-412

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202303-412

PATCH

title:Google Android Enter the fix for the verification error vulnerabilityurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=229226

Trust: 0.6

sources: CNNVD: CNNVD-202303-412

EXTERNAL IDS

db:NVDid:CVE-2022-25705

Trust: 3.3

db:JVNDBid:JVNDB-2022-020811

Trust: 0.8

db:AUSCERTid:ESB-2023.1404

Trust: 0.6

db:CNNVDid:CNNVD-202303-412

Trust: 0.6

db:VULMONid:CVE-2022-25705

Trust: 0.1

sources: VULMON: CVE-2022-25705 // JVNDB: JVNDB-2022-020811 // CNNVD: CNNVD-202303-412 // NVD: CVE-2022-25705

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-25705

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-25705/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.1404

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2022-25705 // JVNDB: JVNDB-2022-020811 // CNNVD: CNNVD-202303-412 // NVD: CVE-2022-25705

SOURCES

db:VULMONid:CVE-2022-25705
db:JVNDBid:JVNDB-2022-020811
db:CNNVDid:CNNVD-202303-412
db:NVDid:CVE-2022-25705

LAST UPDATE DATE

2024-08-14T13:14:15.550000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-25705date:2023-03-11T00:00:00
db:JVNDBid:JVNDB-2022-020811date:2023-11-07T02:03:00
db:CNNVDid:CNNVD-202303-412date:2023-03-16T00:00:00
db:NVDid:CVE-2022-25705date:2024-04-12T17:15:55.970

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-25705date:2023-03-10T00:00:00
db:JVNDBid:JVNDB-2022-020811date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202303-412date:2023-03-07T00:00:00
db:NVDid:CVE-2022-25705date:2023-03-10T21:15:11.257