Common Weakness Enumeration
CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
855 vulnerabilities reference this CWE, most recent first.
CVE-2022-25730 (GCVE-0-2022-25730)
Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
VLAI
EPSS
VEX
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem due to improper check of IP type while processing DNS server query
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
9205 LTE Modem
Affected: 9206 LTE Modem Affected: 9207 LTE Modem Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: MDM8207 Affected: QCA4004 Affected: QCA4010 Affected: QTS110 Affected: Snapdragon 1100 Wearable Platform Affected: Snapdragon 1200 Wearable Platform Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Wear 1300 Platform Affected: Snapdragon X5 LTE Modem Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9380 Affected: WCD9385 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 |
|
| qualcomm | snapdragon_1100_wearable_platform |
Affected:
-
cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_1200_wearable_platform |
Affected:
-
cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:* |
|
| qualcomm | 9205_lte_modem |
Affected:
-
cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:* |
|
| qualcomm | 9206_lte_modem |
Affected:
-
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:* |
|
| qualcomm | 9207_lte_modem |
Affected:
-
cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:* |
|
| qualcomm | fastconnect_6900 |
Affected:
-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:* |
|
| qualcomm | fastconnect_7800 |
Affected:
-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm8207 |
Affected:
-
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4004 |
Affected:
-
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4010 |
Affected:
-
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:* |
|
| qualcomm | qts110 |
Affected:
-
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_ar2_gen1_platform |
Affected:
-
cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_wear_1300_platform |
Affected:
-
cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_x5_lte_firmware |
Affected:
-
cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2115p |
Affected:
-
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2125p |
Affected:
-
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr1230p |
Affected:
-
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr2230p |
Affected:
-
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9306 |
Affected:
-
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9330 |
Affected:
-
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9380 |
Affected:
-
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9385 |
Affected:
-
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8830 |
Affected:
-
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8832 |
Affected:
-
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8835 |
Affected:
-
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_1100_wearable_platform",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_1200_wearable_platform",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9205_lte_modem",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9206_lte_modem",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9207_lte_modem",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fastconnect_6900",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fastconnect_7800",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm8207",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4004",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4010",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qts110",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_ar2_gen1_platform",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_wear_1300_platform",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_x5_lte_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2115p",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2125p",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr1230p",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr2230p",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9306",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9330",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9380",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9385",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8830",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8832",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8835",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T16:03:34.222184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:15:35.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:42.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "9205 LTE Modem"
},
{
"status": "affected",
"version": "9206 LTE Modem"
},
{
"status": "affected",
"version": "9207 LTE Modem"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4010"
},
{
"status": "affected",
"version": "QTS110"
},
{
"status": "affected",
"version": "Snapdragon 1100 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon 1200 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon AR2 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 1300 Platform"
},
{
"status": "affected",
"version": "Snapdragon X5 LTE Modem"
},
{
"status": "affected",
"version": "SSG2115P"
},
{
"status": "affected",
"version": "SSG2125P"
},
{
"status": "affected",
"version": "SXR1230P"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information disclosure in modem due to improper check of IP type while processing DNS server query"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:28:15.247Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"title": "Buffer Over-read in MODEM"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25730",
"datePublished": "2023-04-04T04:46:13.925Z",
"dateReserved": "2022-02-22T11:38:09.309Z",
"dateUpdated": "2024-08-03T04:49:42.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25728 (GCVE-0-2022-25728)
Vulnerability from cvelistv5 – Published: 2023-02-09 06:58 – Updated: 2024-08-03 04:49
VLAI
EPSS
VEX
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem due to buffer over-read while processing response from DNS server
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
35 products
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8031
Affected: CSRA6620 Affected: CSRA6640 Affected: MDM8207 Affected: MDM9205 Affected: MDM9206 Affected: MDM9207 Affected: MDM9607 Affected: QCA4004 Affected: QCA4020 Affected: QCA4024 Affected: QCS405 Affected: QTS110 Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9335 Affected: WCD9380 Affected: WCD9385 Affected: WCN3980 Affected: WCN3998 Affected: WCN3999 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 |
|
| qualcomm | ar8031_firmware |
Affected:
*
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | csra6620_firmware |
Affected:
*
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | csra6640_firmware |
Affected:
*
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm8207_firmware |
Affected:
*
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm9205_firmware |
Affected:
*
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm9206_firmware |
Affected:
*
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm9207_firmware |
Affected:
*
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm9607_firmware |
Affected:
*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4004_firmware |
Affected:
*
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4020_firmware |
Affected:
*
cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4024_firmware |
Affected:
*
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qcs405_firmware |
Affected:
*
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qts110_firmware |
Affected:
*
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2115p_firmware |
Affected:
*
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2125p_firmware |
Affected:
*
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr1230p_firmware |
Affected:
*
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr2230p_firmware |
Affected:
*
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9306_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9330_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9335_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9380_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9385_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn3980_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn3998_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn3999_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn6855_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn6856_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn7850_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcn7851_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8810_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8815_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8830_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8832_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8835_firmware |
Affected:
*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ar8031_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "csra6620_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "csra6640_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm8207_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9205_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9206_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9207_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9607_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4004_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4020_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4024_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs405_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qts110_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2115p_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2125p_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr1230p_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr2230p_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9306_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9330_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9335_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9380_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9385_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3980_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3998_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3999_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6855_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6856_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn7850_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn7851_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8810_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8815_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8830_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8832_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8835_firmware",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-10T17:00:16.866453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:00:31.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:42.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Voice \u0026 Music"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "MDM9205"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9207"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA4024"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QTS110"
},
{
"status": "affected",
"version": "SSG2115P"
},
{
"status": "affected",
"version": "SSG2125P"
},
{
"status": "affected",
"version": "SXR1230P"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WCN7850"
},
{
"status": "affected",
"version": "WCN7851"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information disclosure in modem due to buffer over-read while processing response from DNS server"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:31:31.075Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
}
],
"title": "Buffer Over-read in MODEM"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25728",
"datePublished": "2023-02-09T06:58:16.659Z",
"dateReserved": "2022-02-22T11:38:09.308Z",
"dateUpdated": "2024-08-03T04:49:42.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25726 (GCVE-0-2022-25726)
Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
VLAI
EPSS
VEX
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
9205 LTE Modem
Affected: 9206 LTE Modem Affected: 9207 LTE Modem Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: MDM8207 Affected: QCA4004 Affected: QTS110 Affected: Snapdragon 1100 Wearable Platform Affected: Snapdragon 1200 Wearable Platform Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Wear 1300 Platform Affected: Snapdragon X5 LTE Modem Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9306 Affected: WCD9330 Affected: WCD9380 Affected: WCD9385 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 |
|
| qualcomm | 9205_lte_modem_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | 9206_lte_modem_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | 9207_lte_modem_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | fastconnect_6900_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | fastconnect_7800_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | mdm8207_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qca4004_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | qts110_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_1100_wearable_platform_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_1200_wearable_platform_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_ar2_gen_1_platform_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_wear_1300_platform_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | snapdragon_x5_lte_modem_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2115p_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | ssg2125p_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr1230p_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | sxr2230p_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9306_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9330_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9380_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wcd9385_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8830_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8832_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* |
|
| qualcomm | wsa8835_firmware |
Affected:
0 , ≤ *
(custom)
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9205_lte_modem_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9206_lte_modem_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "9207_lte_modem_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fastconnect_6900_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fastconnect_7800_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm8207_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4004_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qts110_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_1100_wearable_platform_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_1200_wearable_platform_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_ar2_gen_1_platform_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_wear_1300_platform_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_x5_lte_modem_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2115p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ssg2125p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr1230p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr2230p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9306_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9330_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9380_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9385_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8830_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8832_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8835_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T21:14:37.241171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T21:14:43.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:42.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "9205 LTE Modem"
},
{
"status": "affected",
"version": "9206 LTE Modem"
},
{
"status": "affected",
"version": "9207 LTE Modem"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QTS110"
},
{
"status": "affected",
"version": "Snapdragon 1100 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon 1200 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon AR2 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 1300 Platform"
},
{
"status": "affected",
"version": "Snapdragon X5 LTE Modem"
},
{
"status": "affected",
"version": "SSG2115P"
},
{
"status": "affected",
"version": "SSG2125P"
},
{
"status": "affected",
"version": "SXR1230P"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:28:11.840Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"title": "Buffer Over-read in MODEM"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-25726",
"datePublished": "2023-04-04T04:46:12.603Z",
"dateReserved": "2022-02-22T11:38:09.302Z",
"dateUpdated": "2024-08-03T04:49:42.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23130 (GCVE-0-2022-23130)
Vulnerability from cvelistv5 – Published: 2022-01-21 18:17 – Updated: 2026-01-08 11:45
VLAI
EPSS
VEX
Summary
Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32.
Severity
5.9 (Medium)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU95403720/index.html | government-resource |
| https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01 | government-resource |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric Corporation | GENESIS64 |
Affected:
Versions 10.97 and prior
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 |
Affected:
Versions 10.97 and prior
|
|
| Mitsubishi Electric Corporation | ICONICS Suite |
Affected:
Versions 10.97 and prior
|
|
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite |
Affected:
Versions 10.97 and prior
|
|
| Mitsubishi Electric Corporation | MC Works64 |
Affected:
Versions 4.00A to 4.04E
|
|
| Mitsubishi Electric Corporation | GENESIS32 |
Affected:
Versions 9.7 or prior
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS32 |
Affected:
Versions 9.7 or prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95403720/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Versions 4.00A to 4.04E"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Versions 9.7 or prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 9.7 or prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
}
],
"value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T11:45:13.985Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU95403720/index.html"
},
{
"tags": [
"government-resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-23130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mitsubishi Electric MC Works64; ICONICS GENESIS64; ICONICS Hyper Historian",
"version": {
"version_data": [
{
"version_value": "Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01)"
},
{
"version_value": "ICONICS GENESIS64 versions 10.97 and prior"
},
{
"version_value": "ICONICS Hyper Historian versions 10.97 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95403720/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95403720/index.html"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-23130",
"datePublished": "2022-01-21T18:17:30.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2026-01-08T11:45:13.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-22519 (GCVE-0-2022-22519)
Vulnerability from cvelistv5 – Published: 2022-04-07 18:21 – Updated: 2024-09-17 03:22
VLAI
EPSS
VEX
Title
Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.
Summary
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
Severity
7.5 (High)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://customers.codesys.com/index.php?eID=dumpF… | x_refsource_MISC |
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Control Runtime System Toolkit |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Embedded Target Visu Toolkit |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Remote Target Visu Toolkit |
Affected:
V3.5.18.0 , < V3.5.18.0
(custom)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for Beckhoff CX9020 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
V4.5.0.0 , < V4.5.0.0
(custom)
|
Date Public
2022-04-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:14:55.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control Runtime System Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Embedded Target Visu Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Remote Target Visu Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.0",
"status": "affected",
"version": "V3.5.18.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for Beckhoff CX9020 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
},
{
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V4.5.0.0",
"status": "affected",
"version": "V4.5.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T05:55:13.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-04-06T10:00:00.000Z",
"ID": "CVE-2022-22519",
"STATE": "PUBLIC",
"TITLE": "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CODESYS Control RTE (SL)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Control RTE (for Beckhoff CX) SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Control Win (SL)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS HMI (SL)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Control Runtime System Toolkit",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Embedded Target Visu Toolkit",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Remote Target Visu Toolkit",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3.5.18.0",
"version_value": "V3.5.18.0"
}
]
}
},
{
"product_name": "CODESYS Control for BeagleBone SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for Beckhoff CX9020 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for emPC-A/iMX6 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for IOT2000 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for Linux SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for PFC100 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for PFC200 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for PLCnext SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for Raspberry Pi SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
},
{
"product_name": "CODESYS Control for WAGO Touch Panels 600 SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V4.5.0.0",
"version_value": "V4.5.0.0"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126 Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download=",
"refsource": "MISC",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-22519",
"datePublished": "2022-04-07T18:21:23.764Z",
"dateReserved": "2022-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:22:45.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20823 (GCVE-0-2022-20823)
Vulnerability from cvelistv5 – Published: 2022-08-25 18:40 – Updated: 2024-11-06 16:07
VLAI
EPSS
VEX
Title
Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
Summary
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
n/a
|
Date Public
2022-08-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:28.963453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:07:37.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-08-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T18:40:30.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
],
"source": {
"advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
"defect": [
[
"CSCvz68748",
"CSCwb50012",
"CSCwb50013",
"CSCwb50015"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-08-24T23:00:00",
"ID": "CVE-2022-20823",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
"defect": [
[
"CSCvz68748",
"CSCwb50012",
"CSCwb50013",
"CSCwb50015"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20823",
"datePublished": "2022-08-25T18:40:30.942Z",
"dateReserved": "2021-11-02T00:00:00.000Z",
"dateUpdated": "2024-11-06T16:07:37.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20714 (GCVE-0-2022-20714)
Vulnerability from cvelistv5 – Published: 2022-04-15 14:15 – Updated: 2024-11-06 16:27
VLAI
EPSS
VEX
Title
Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability
Summary
A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
n/a
|
Date Public
2022-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:47.235015Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:27:13.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T14:15:39.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
}
],
"source": {
"advisory": "cisco-sa-lsplus-Z6AQEOjk",
"defect": [
[
"CSCvy48962"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-13T23:00:00",
"ID": "CVE-2022-20714",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XR Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
}
]
},
"source": {
"advisory": "cisco-sa-lsplus-Z6AQEOjk",
"defect": [
[
"CSCvy48962"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20714",
"datePublished": "2022-04-15T14:15:39.925Z",
"dateReserved": "2021-11-02T00:00:00.000Z",
"dateUpdated": "2024-11-06T16:27:13.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4435 (GCVE-0-2022-4435)
Vulnerability from cvelistv5 – Published: 2023-01-05 17:33 – Updated: 2025-04-10 14:07
VLAI
EPSS
VEX
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | ThinkPad X13s |
Affected:
Versions prior to 1.47
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:41:44.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T14:07:35.183192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T14:07:44.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ThinkPad X13s",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.47"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-05T17:33:08.775Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-4435",
"datePublished": "2023-01-05T17:33:08.775Z",
"dateReserved": "2022-12-12T22:16:07.194Z",
"dateUpdated": "2025-04-10T14:07:44.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4434 (GCVE-0-2022-4434)
Vulnerability from cvelistv5 – Published: 2023-01-05 17:32 – Updated: 2025-04-10 14:08
VLAI
EPSS
VEX
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | ThinkPad X13s |
Affected:
Versions prior to 1.47
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:41:44.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4434",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T14:07:56.219334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T14:08:04.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ThinkPad X13s",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.47"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-05T17:32:58.029Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-4434",
"datePublished": "2023-01-05T17:32:58.029Z",
"dateReserved": "2022-12-12T22:16:06.158Z",
"dateUpdated": "2025-04-10T14:08:04.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4433 (GCVE-0-2022-4433)
Vulnerability from cvelistv5 – Published: 2023-01-05 17:32 – Updated: 2025-04-10 14:08
VLAI
EPSS
VEX
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | ThinkPad X13s |
Affected:
Versions prior to 1.47
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:41:44.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T14:08:15.741463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T14:08:23.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ThinkPad X13s",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.47"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-05T17:32:48.186Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-4433",
"datePublished": "2023-01-05T17:32:48.186Z",
"dateReserved": "2022-12-12T22:16:04.941Z",
"dateUpdated": "2025-04-10T14:08:23.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.