CVE-2022-25678

Summary

Memory correction in modem due to buffer overwrite during coap connection

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9205 LTE Modemaffected
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.Snapdragon9207 LTE Modemaffected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonSnapdragon 1100 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 1200 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Wear 1300 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X5 LTE Modemaffected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References