CVE-2022-22063

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-22063
Memory corruption in Core due to improper configuration in boot remapper.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*
History

20 Dec 2022, 16:17

Type Values Removed Values Added
CWE CWE-787
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CPE cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*

15 Dec 2022, 19:56

Type Values Removed Values Added
New CVE
Information

Published : 2022-12-15 19:15

Updated : 2024-02-04 23:14

NVD link : CVE-2022-22063

Mitre link : CVE-2022-22063

CVE.ORG link : CVE-2022-22063

JSON object : View

Products Affected

qualcomm

  • mdm9640
  • qca6174a_firmware
  • qca6574a_firmware
  • qca6574au_firmware
  • mdm9645
  • mdm9640_firmware
  • apq8096au_firmware
  • qca6174_firmware
  • qca6174
  • mdm9645_firmware
  • qca6574au
  • apq8096au
  • wcn3990_firmware
  • qca6574a
  • qca6174a
  • wcn3990
CWE
CWE-787

Out-of-bounds Write