#VU71945 NULL Pointer Dereference in Qualcomm products - CVE-2022-25733
Published: February 7, 2023
Vulnerability identifier: #VU71945
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-25733
CWE-ID: CWE-476
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
AR8031
CSRA6620
CSRA6640
MDM8207
MDM9205
MDM9207
QCA4004
QCA4010
QCA4020
QCA4024
QTS110
SSG2115P
SSG2125P
SXR1230P
SXR2230P
WCD9306
WCD9330
WCD9335
WCD9380
WCD9385
WCN3980
WCN3998
WCN3999
WCN6855
WCN6856
WCN7850
WCN7851
WSA8810
WSA8815
WSA8830
WSA8835
MDM9206
MDM9607
QCS405
WSA8832
AR8031
CSRA6620
CSRA6640
MDM8207
MDM9205
MDM9207
QCA4004
QCA4010
QCA4020
QCA4024
QTS110
SSG2115P
SSG2125P
SXR1230P
SXR2230P
WCD9306
WCD9330
WCD9335
WCD9380
WCD9385
WCN3980
WCN3998
WCN3999
WCN6855
WCN6856
WCN7850
WCN7851
WSA8810
WSA8815
WSA8830
WSA8835
MDM9206
MDM9607
QCS405
WSA8832
Software vendor:
Qualcomm
Qualcomm
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in MODEM. A remote attacker can perform a denial of service (DoS) attack.
Remediation
Install security update from vendor's website.