Memory Corruption Vulnerability in Snapdragon Products by Qualcomm
CVE-2022-33234

7.3HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Iot, Snapdragon Industrial Iot, Snapdragon Mobile, Snapdragon Wearables
Vendor: CVE Published:; 15 November 2022

Summary

A memory corruption vulnerability exists in several Qualcomm Snapdragon products due to inadequate configuration. This flaw affects Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, and Wearables devices, potentially leading to unauthorized access or malfunction. Users are advised to ensure their devices are updated to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables AQT1000

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables QCA6310

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables QCA6335

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2022
Vulnerability Reserved
Jun 14, 2022