CVE-2022-25730

Summary

Information disclosure in modem due to improper check of IP type while processing DNS server query

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9205 LTE Modemaffected
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.Snapdragon9207 LTE Modemaffected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQCA4010affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonSnapdragon 1100 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 1200 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Wear 1300 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X5 LTE Modemaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References