Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

855 vulnerabilities reference this CWE, most recent first.

CVE-2022-25730 (GCVE-0-2022-25730)

Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
VLAI
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem due to improper check of IP type while processing DNS server query
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
Affected: 9206 LTE Modem
Affected: 9207 LTE Modem
Affected: FastConnect 6900
Affected: FastConnect 7800
Affected: MDM8207
Affected: QCA4004
Affected: QCA4010
Affected: QTS110
Affected: Snapdragon 1100 Wearable Platform
Affected: Snapdragon 1200 Wearable Platform
Affected: Snapdragon AR2 Gen 1 Platform
Affected: Snapdragon Wear 1300 Platform
Affected: Snapdragon X5 LTE Modem
Affected: SSG2115P
Affected: SSG2125P
Affected: SXR1230P
Affected: SXR2230P
Affected: WCD9306
Affected: WCD9330
Affected: WCD9380
Affected: WCD9385
Affected: WSA8830
Affected: WSA8832
Affected: WSA8835
Create a notification for this product.
qualcomm snapdragon_1100_wearable_platform Affected: -
    cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_1200_wearable_platform Affected: -
    cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm 9205_lte_modem Affected: -
    cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm 9206_lte_modem Affected: -
    cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm 9207_lte_modem Affected: -
    cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm fastconnect_6900 Affected: -
    cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm fastconnect_7800 Affected: -
    cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm8207 Affected: -
    cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4004 Affected: -
    cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4010 Affected: -
    cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qts110 Affected: -
    cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_ar2_gen1_platform Affected: -
    cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_wear_1300_platform Affected: -
    cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_x5_lte_firmware Affected: -
    cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2115p Affected: -
    cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2125p Affected: -
    cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr1230p Affected: -
    cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr2230p Affected: -
    cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9306 Affected: -
    cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9330 Affected: -
    cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9380 Affected: -
    cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9385 Affected: -
    cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8830 Affected: -
    cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8832 Affected: -
    cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8835 Affected: -
    cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1100_wearable_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1200_wearable_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9205_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9206_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9207_lte_modem",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6900",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_7800",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4010",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_ar2_gen1_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_ar2_gen1_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_wear_1300_platform",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x5_lte_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25730",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-19T16:03:34.222184Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:35.279Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "9205 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9206 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9207 LTE Modem"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4010"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1100 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1200 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 1300 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X5 LTE Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to improper check of IP type while processing DNS server query"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:28:15.247Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25730",
    "datePublished": "2023-04-04T04:46:13.925Z",
    "dateReserved": "2022-02-22T11:38:09.309Z",
    "dateUpdated": "2024-08-03T04:49:42.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25728 (GCVE-0-2022-25728)

Vulnerability from cvelistv5 – Published: 2023-02-09 06:58 – Updated: 2024-08-03 04:49
VLAI
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem due to buffer over-read while processing response from DNS server
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Affected: AR8031
Affected: CSRA6620
Affected: CSRA6640
Affected: MDM8207
Affected: MDM9205
Affected: MDM9206
Affected: MDM9207
Affected: MDM9607
Affected: QCA4004
Affected: QCA4020
Affected: QCA4024
Affected: QCS405
Affected: QTS110
Affected: SSG2115P
Affected: SSG2125P
Affected: SXR1230P
Affected: SXR2230P
Affected: WCD9306
Affected: WCD9330
Affected: WCD9335
Affected: WCD9380
Affected: WCD9385
Affected: WCN3980
Affected: WCN3998
Affected: WCN3999
Affected: WCN6855
Affected: WCN6856
Affected: WCN7850
Affected: WCN7851
Affected: WSA8810
Affected: WSA8815
Affected: WSA8830
Affected: WSA8832
Affected: WSA8835
Create a notification for this product.
qualcomm ar8031_firmware Affected: *
    cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm csra6620_firmware Affected: *
    cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm csra6640_firmware Affected: *
    cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm8207_firmware Affected: *
    cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm9205_firmware Affected: *
    cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm9206_firmware Affected: *
    cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm9207_firmware Affected: *
    cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm9607_firmware Affected: *
    cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4004_firmware Affected: *
    cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4020_firmware Affected: *
    cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4024_firmware Affected: *
    cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qcs405_firmware Affected: *
    cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qts110_firmware Affected: *
    cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2115p_firmware Affected: *
    cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2125p_firmware Affected: *
    cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr1230p_firmware Affected: *
    cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr2230p_firmware Affected: *
    cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9306_firmware Affected: *
    cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9330_firmware Affected: *
    cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9335_firmware Affected: *
    cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9380_firmware Affected: *
    cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9385_firmware Affected: *
    cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn3980_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn3998_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn3999_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn6855_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn6856_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn7850_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcn7851_firmware Affected: *
    cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8810_firmware Affected: *
    cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8815_firmware Affected: *
    cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8830_firmware Affected: *
    cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8832_firmware Affected: *
    cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8835_firmware Affected: *
    cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8031_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6620_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "csra6640_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9205_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9206_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm9607_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4020_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs405_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9335_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3980_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3998_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3999_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6855_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6856_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7850_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7851_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25728",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T17:00:16.866453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T17:00:31.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.786Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Voice \u0026 Music"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8031"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "MDM9205"
            },
            {
              "status": "affected",
              "version": "MDM9206"
            },
            {
              "status": "affected",
              "version": "MDM9207"
            },
            {
              "status": "affected",
              "version": "MDM9607"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QCA4020"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCS405"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN3999"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem due to buffer over-read while processing response from DNS server"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:31:31.075Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25728",
    "datePublished": "2023-02-09T06:58:16.659Z",
    "dateReserved": "2022-02-22T11:38:09.308Z",
    "dateUpdated": "2024-08-03T04:49:42.786Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25726 (GCVE-0-2022-25726)

Vulnerability from cvelistv5 – Published: 2023-04-04 04:46 – Updated: 2024-08-03 04:49
VLAI
Title
Buffer Over-read in MODEM
Summary
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Affected: 9205 LTE Modem
Affected: 9206 LTE Modem
Affected: 9207 LTE Modem
Affected: FastConnect 6900
Affected: FastConnect 7800
Affected: MDM8207
Affected: QCA4004
Affected: QTS110
Affected: Snapdragon 1100 Wearable Platform
Affected: Snapdragon 1200 Wearable Platform
Affected: Snapdragon AR2 Gen 1 Platform
Affected: Snapdragon Wear 1300 Platform
Affected: Snapdragon X5 LTE Modem
Affected: SSG2115P
Affected: SSG2125P
Affected: SXR1230P
Affected: SXR2230P
Affected: WCD9306
Affected: WCD9330
Affected: WCD9380
Affected: WCD9385
Affected: WSA8830
Affected: WSA8832
Affected: WSA8835
Create a notification for this product.
qualcomm 9205_lte_modem_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm 9206_lte_modem_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm 9207_lte_modem_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm fastconnect_6900_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm fastconnect_7800_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm mdm8207_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qca4004_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm qts110_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_1100_wearable_platform_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_1200_wearable_platform_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_ar2_gen_1_platform_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_wear_1300_platform_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm snapdragon_x5_lte_modem_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2115p_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm ssg2125p_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr1230p_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm sxr2230p_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9306_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9330_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9380_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wcd9385_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8830_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8832_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
qualcomm wsa8835_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9205_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9206_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "9207_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6900_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_7800_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mdm8207_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca4004_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qts110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1100_wearable_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_1200_wearable_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_ar2_gen_1_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_wear_1300_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x5_lte_modem_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2115p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ssg2125p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr1230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2230p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9306_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9330_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25726",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T21:14:37.241171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-11T21:14:43.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:42.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "9205 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9206 LTE Modem"
            },
            {
              "status": "affected",
              "version": "9207 LTE Modem"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "MDM8207"
            },
            {
              "status": "affected",
              "version": "QCA4004"
            },
            {
              "status": "affected",
              "version": "QTS110"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1100 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 1200 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 1300 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X5 LTE Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9306"
            },
            {
              "status": "affected",
              "version": "WCD9330"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:28:11.840Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
        }
      ],
      "title": "Buffer Over-read in MODEM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2022-25726",
    "datePublished": "2023-04-04T04:46:12.603Z",
    "dateReserved": "2022-02-22T11:38:09.302Z",
    "dateUpdated": "2024-08-03T04:49:42.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-23130 (GCVE-0-2022-23130)

Vulnerability from cvelistv5 – Published: 2022-01-21 18:17 – Updated: 2026-01-08 11:45
VLAI
Summary
Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32.
CWE
Assigner
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:36:19.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS64",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS64",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ICONICS Suite",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ICONICS Suite",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 10.97 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MC Works64",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 4.00A to 4.04E"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS32",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 9.7 or prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GENESIS32",
          "vendor": "Mitsubishi Electric Iconics Digital Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 9.7 or prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
            }
          ],
          "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-08T11:45:13.985Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
          "ID": "CVE-2022-23130",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mitsubishi Electric MC Works64; ICONICS GENESIS64; ICONICS Hyper Historian",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01)"
                          },
                          {
                            "version_value": "ICONICS GENESIS64 versions 10.97 and prior"
                          },
                          {
                            "version_value": "ICONICS Hyper Historian versions 10.97 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Over-read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf",
              "refsource": "MISC",
              "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU95403720/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU95403720/index.html"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2022-23130",
    "datePublished": "2022-01-21T18:17:30.000Z",
    "dateReserved": "2022-01-11T00:00:00.000Z",
    "dateUpdated": "2026-01-08T11:45:13.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-22519 (GCVE-0-2022-22519)

Vulnerability from cvelistv5 – Published: 2022-04-07 18:21 – Updated: 2024-09-17 03:22
VLAI
Title
Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.
Summary
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
CWE
Assigner
References
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control Win (SL) Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS HMI (SL) Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control Runtime System Toolkit Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Embedded Target Visu Toolkit Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Remote Target Visu Toolkit Affected: V3.5.18.0 , < V3.5.18.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for BeagleBone SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for Beckhoff CX9020 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for IOT2000 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for Linux SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for PFC100 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for PFC200 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for PLCnext SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for Raspberry Pi SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: V4.5.0.0 , < V4.5.0.0 (custom)
Create a notification for this product.
Date Public
2022-04-06 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:14:55.378Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CODESYS Control RTE (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control RTE (for Beckhoff CX) SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control Win (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS HMI (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control Runtime System Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Embedded Target Visu Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Remote Target Visu Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V3.5.18.0",
              "status": "affected",
              "version": "V3.5.18.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for BeagleBone SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for Beckhoff CX9020 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for emPC-A/iMX6 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for IOT2000 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for Linux SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for PFC100 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for PFC200 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for PLCnext SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for Raspberry Pi SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "CODESYS Control for WAGO Touch Panels 600 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "V4.5.0.0",
              "status": "affected",
              "version": "V4.5.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-04-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-27T05:55:13.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2022-04-06T10:00:00.000Z",
          "ID": "CVE-2022-22519",
          "STATE": "PUBLIC",
          "TITLE": "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CODESYS Control RTE (SL)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control RTE (for Beckhoff CX) SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control Win (SL)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS HMI (SL)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control Runtime System Toolkit",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Embedded Target Visu Toolkit",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Remote Target Visu Toolkit",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V3.5.18.0",
                            "version_value": "V3.5.18.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for BeagleBone SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for Beckhoff CX9020 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for emPC-A/iMX6 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for IOT2000 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for Linux SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for PFC100 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for PFC200 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for PLCnext SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for Raspberry Pi SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CODESYS Control for WAGO Touch Panels 600 SL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "V4.5.0.0",
                            "version_value": "V4.5.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "CODESYS"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-126 Buffer Over-read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download=",
              "refsource": "MISC",
              "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17094\u0026token=2fb188e2213c74194e81ba61ff99f1c68602ba4d\u0026download="
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2022-22519",
    "datePublished": "2022-04-07T18:21:23.764Z",
    "dateReserved": "2022-01-03T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:22:45.345Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20823 (GCVE-0-2022-20823)

Vulnerability from cvelistv5 – Published: 2022-08-25 18:40 – Updated: 2024-11-06 16:07
VLAI
Title
Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
Summary
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Date Public
2022-08-24 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.937Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:28.963453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:07:37.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco NX-OS Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-08-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-25T18:40:30.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
        }
      ],
      "source": {
        "advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
        "defect": [
          [
            "CSCvz68748",
            "CSCwb50012",
            "CSCwb50013",
            "CSCwb50015"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-08-24T23:00:00",
          "ID": "CVE-2022-20823",
          "STATE": "PUBLIC",
          "TITLE": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco NX-OS Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-126"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
          "defect": [
            [
              "CSCvz68748",
              "CSCwb50012",
              "CSCwb50013",
              "CSCwb50015"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20823",
    "datePublished": "2022-08-25T18:40:30.942Z",
    "dateReserved": "2021-11-02T00:00:00.000Z",
    "dateUpdated": "2024-11-06T16:07:37.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20714 (GCVE-0-2022-20714)

Vulnerability from cvelistv5 – Published: 2022-04-15 14:15 – Updated: 2024-11-06 16:27
VLAI
Title
Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability
Summary
A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Date Public
2022-04-13 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20714",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:47.235015Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:27:13.642Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-15T14:15:39.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-lsplus-Z6AQEOjk",
        "defect": [
          [
            "CSCvy48962"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-13T23:00:00",
          "ID": "CVE-2022-20714",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-126"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220413 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-lsplus-Z6AQEOjk",
          "defect": [
            [
              "CSCvy48962"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20714",
    "datePublished": "2022-04-15T14:15:39.925Z",
    "dateReserved": "2021-11-02T00:00:00.000Z",
    "dateUpdated": "2024-11-06T16:27:13.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-4435 (GCVE-0-2022-4435)

Vulnerability from cvelistv5 – Published: 2023-01-05 17:33 – Updated: 2025-04-10 14:07
VLAI
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Lenovo ThinkPad X13s Affected: Versions prior to 1.47
Create a notification for this product.
Credits
Lenovo thanks BINARLY efiXplorer team for reporting these issues.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:41:44.620Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-4435",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T14:07:35.183192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T14:07:44.677Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "ThinkPad X13s",
          "vendor": "Lenovo",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to 1.47"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
            }
          ],
          "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-05T17:33:08.775Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2022-4435",
    "datePublished": "2023-01-05T17:33:08.775Z",
    "dateReserved": "2022-12-12T22:16:07.194Z",
    "dateUpdated": "2025-04-10T14:07:44.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-4434 (GCVE-0-2022-4434)

Vulnerability from cvelistv5 – Published: 2023-01-05 17:32 – Updated: 2025-04-10 14:08
VLAI
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Lenovo ThinkPad X13s Affected: Versions prior to 1.47
Create a notification for this product.
Credits
Lenovo thanks BINARLY efiXplorer team for reporting these issues.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:41:44.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-4434",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T14:07:56.219334Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T14:08:04.421Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "ThinkPad X13s",
          "vendor": "Lenovo",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to 1.47"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure."
            }
          ],
          "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-05T17:32:58.029Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2022-4434",
    "datePublished": "2023-01-05T17:32:58.029Z",
    "dateReserved": "2022-12-12T22:16:06.158Z",
    "dateUpdated": "2025-04-10T14:08:04.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-4433 (GCVE-0-2022-4433)

Vulnerability from cvelistv5 – Published: 2023-01-05 17:32 – Updated: 2025-04-10 14:08
VLAI
Summary
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Lenovo ThinkPad X13s Affected: Versions prior to 1.47
Create a notification for this product.
Credits
Lenovo thanks BINARLY efiXplorer team for reporting these issues.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:41:44.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-4433",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T14:08:15.741463Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T14:08:23.719Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "ThinkPad X13s",
          "vendor": "Lenovo",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to 1.47"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Lenovo thanks BINARLY efiXplorer team for reporting these issues."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
            }
          ],
          "value": "A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-05T17:32:48.186Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://support.lenovo.com/us/en/product_security/LEN-103709"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2022-4433",
    "datePublished": "2023-01-05T17:32:48.186Z",
    "dateReserved": "2022-12-12T22:16:04.941Z",
    "dateUpdated": "2025-04-10T14:08:23.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.