Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00286.

Exploitation none

Automatable yes

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Qualcomm, Inc. Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music affected
Version Status Constraints
AR8031 affected
CSRA6620 affected
CSRA6640 affected
MDM8207 affected
MDM9205 affected
MDM9206 affected
MDM9207 affected
MDM9607 affected
QCA4004 affected
QCA4010 affected
QCA4020 affected
QCA4024 affected
QCS405 affected
WCD9306 affected
WCD9330 affected
WCD9335 affected
WCN3980 affected
WCN3998 affected
WCN3999 affected
WSA8810 affected
WSA8815 affected

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Qualcomm Subscribe
Ar8031 Subscribe
Ar8031 Firmware Subscribe
Csra6620 Subscribe
Csra6620 Firmware Subscribe
Csra6640 Subscribe
Csra6640 Firmware Subscribe
Mdm8207 Subscribe
Mdm8207 Firmware Subscribe
Mdm9205 Subscribe
Mdm9205 Firmware Subscribe
Mdm9206 Subscribe
Mdm9206 Firmware Subscribe
Mdm9207 Subscribe
Mdm9207 Firmware Subscribe
Mdm9607 Subscribe
Mdm9607 Firmware Subscribe
Qca4004 Subscribe
Qca4004 Firmware Subscribe
Qca4010 Subscribe
Qca4010 Firmware Subscribe
Qca4020 Subscribe
Qca4020 Firmware Subscribe
Qca4024 Subscribe
Qca4024 Firmware Subscribe
Qcs405 Subscribe
Qcs405 Firmware Subscribe
Wcd9306 Subscribe
Wcd9306 Firmware Subscribe
Wcd9330 Subscribe
Wcd9330 Firmware Subscribe
Wcd9335 Subscribe
Wcd9335 Firmware Subscribe
Wcn3980 Subscribe
Wcn3980 Firmware Subscribe
Wcn3998 Subscribe
Wcn3998 Firmware Subscribe
Wcn3999 Subscribe
Wcn3999 Firmware Subscribe
Wsa8810 Subscribe
Wsa8810 Firmware Subscribe
Wsa8815 Subscribe
Wsa8815 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-30382 Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin cve-icon cve-icon
History

Tue, 22 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2025-04-22T15:50:04.596Z

Reserved: 2022-02-22T00:00:00.000Z

Link: CVE-2022-25727

cve-icon Vulnrichment

Updated: 2024-08-03T04:49:42.821Z

cve-icon NVD

Status : Modified

Published: 2022-11-15T10:15:14.997

Modified: 2025-04-22T16:15:26.880

Link: CVE-2022-25727

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses