CVE-2022-25737

CVSS V2 None CVSS V3 None
Description
Information disclosure in modem due to missing NULL check while reading packets received from local network
Overview
  • CVE ID
  • CVE-2022-25737
  • Assigner
  • product-security@qualcomm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-13T07:15:12
  • Last Modified Date
  • 2023-04-21T03:50:27
Weakness Enumerations
CWE URL
CWE-908 http://cwe.mitre.org/data/definitions/908.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-25737
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25737
History
Created Old Value New Value Data Type Notes
2023-04-17 04:39:50 Added to TrackCVE
2023-04-18 15:00:34 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-04-21 04:00:53 2023-04-21T03:50:27 CVE Modified Date updated
2023-04-21 04:00:53 Undergoing Analysis Analyzed Vulnerability Status updated
2023-04-21 04:00:54 Weakness Enumeration new
2023-04-21 04:00:57 CPE Information updated