CVE-2022-33288
9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | 315 5G IoT Modem | affected |
| Qualcomm, Inc. | Snapdragon | AQT1000 | affected |
| Qualcomm, Inc. | Snapdragon | AR8035 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6200 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6700 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6800 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 7800 | affected |
| Qualcomm, Inc. | Snapdragon | Flight RB5 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | QAM8295P | affected |
| Qualcomm, Inc. | Snapdragon | QCA6174A | affected |
| Qualcomm, Inc. | Snapdragon | QCA6310 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6335 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6391 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6420 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6421 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6426 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6430 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6431 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6436 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6564A | affected |
| Qualcomm, Inc. | Snapdragon | QCA6564AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574A | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6696 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6698AQ | affected |
| Qualcomm, Inc. | Snapdragon | QCA8081 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8337 | affected |
| Qualcomm, Inc. | Snapdragon | QCA9377 | affected |
| Qualcomm, Inc. | Snapdragon | QCM6490 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6024 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9011 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9012 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9024 | affected |
| Qualcomm, Inc. | Snapdragon | QCS6490 | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165M | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165N | affected |
| Qualcomm, Inc. | Snapdragon | QSM8250 | affected |
| Qualcomm, Inc. | Snapdragon | QSM8350 | affected |
| Qualcomm, Inc. | Snapdragon | Qualcomm Robotics RB3 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Qualcomm Robotics RB5 Platform | affected |
| Qualcomm, Inc. | Snapdragon | SA6145P | affected |
| Qualcomm, Inc. | Snapdragon | SA6155 | affected |
| Qualcomm, Inc. | Snapdragon | SA6155P | affected |
| Qualcomm, Inc. | Snapdragon | SA8150P | affected |
| Qualcomm, Inc. | Snapdragon | SA8155 | affected |
| Qualcomm, Inc. | Snapdragon | SA8155P | affected |
| Qualcomm, Inc. | Snapdragon | SA8295P | affected |
| Qualcomm, Inc. | Snapdragon | SA8540P | affected |
| Qualcomm, Inc. | Snapdragon | SA9000P | affected |
| Qualcomm, Inc. | Snapdragon | SC8180X+SDX55 | affected |
| Qualcomm, Inc. | Snapdragon | SD 675 | affected |
| Qualcomm, Inc. | Snapdragon | SD 8 Gen1 5G | affected |
| Qualcomm, Inc. | Snapdragon | SD 8CX | affected |
| Qualcomm, Inc. | Snapdragon | SD 8cx Gen2 | affected |
| Qualcomm, Inc. | Snapdragon | SD 8cx Gen3 | affected |
| Qualcomm, Inc. | Snapdragon | SD670 | affected |
| Qualcomm, Inc. | Snapdragon | SD675 | affected |
| Qualcomm, Inc. | Snapdragon | SD778G | affected |
| Qualcomm, Inc. | Snapdragon | SD855 | affected |
| Qualcomm, Inc. | Snapdragon | SD865 5G | affected |
| Qualcomm, Inc. | Snapdragon | SD888 | affected |
| Qualcomm, Inc. | Snapdragon | SDX55 | affected |
| Qualcomm, Inc. | Snapdragon | SDX57M | affected |
| Qualcomm, Inc. | Snapdragon | SM7250P | affected |
| Qualcomm, Inc. | Snapdragon | SM7315 | affected |
| Qualcomm, Inc. | Snapdragon | SM7325P | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 670 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 675 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 678 Mobile Platform (SM6150-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 690 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 750G 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 765 5G Mobile Platform (SM7250-AA) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 765G 5G Mobile Platform (SM7250-AB) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 768G 5G Mobile Platform (SM7250-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 778G 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 780G 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 782G Mobile Platform (SM7325-AF) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 845 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 850 Mobile Compute Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 855 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 855+/860 Mobile Platform (SM8150-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865+ 5G Mobile Platform (SM8250-AB) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 870 5G Mobile Platform (SM8250-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 888 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 888+ 5G Mobile Platform (SM8350-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon AR2 Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon Auto 5G Modem-RF | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X24 LTE Modem | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X50 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X55 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X65 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X70 Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon XR2 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon XR2+ Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | SSG2115P | affected |
| Qualcomm, Inc. | Snapdragon | SSG2125P | affected |
| Qualcomm, Inc. | Snapdragon | SXR1230P | affected |
| Qualcomm, Inc. | Snapdragon | SXR2130 | affected |
| Qualcomm, Inc. | Snapdragon | SXR2230P | affected |
| Qualcomm, Inc. | Snapdragon | Vision Intelligence 300 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Vision Intelligence 400 Platform | affected |
| Qualcomm, Inc. | Snapdragon | WCD9326 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9340 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9341 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9360 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9370 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9375 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9385 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3950 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3980 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3988 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3990 | affected |
| Qualcomm, Inc. | Snapdragon | WCN6740 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8810 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8815 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8830 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8832 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8835 | affected |
Weaknesses
- CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.