CVE-2022-22063

HIGH

Qualcomm Core Boot Remapper Firmware - Memory Corruption

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-22063. PoCs published by msm8916-mainline.

AI-analyzed exploit summary: This PoC exploits CVE-2022-22063, a privilege escalation vulnerability in Qualcomm's hypervisor firmware, by abusing an unprotected hardware component (boot remapper) to gain read/write access to hypervisor memory. The exploit disables hypervisor protections and installs custom shellcode to demonstrate control over the hypervisor.

Description

Memory corruption in Core due to improper configuration in boot remapper.

Exploits (1)

nomisec WORKING POC 39 stars
by msm8916-mainline · poc
https://github.com/msm8916-mainline/CVE-2022-22063

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Qualcomm hypervisor firmware (affected chipsets)
No auth needed
Prerequisites: Modified or compromised operating system · Access to affected Qualcomm chipset
mistral-large-3 · analyzed Feb 16, 2026

Scores

CVSS v3 8.4
EPSS 0.0031
EPSS Percentile 22.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-787
Status published
Products (8)
qualcomm/apq8096au_firmware
qualcomm/mdm9640_firmware
qualcomm/mdm9645_firmware
qualcomm/qca6174_firmware
qualcomm/qca6174a_firmware
qualcomm/qca6574a_firmware
qualcomm/qca6574au_firmware
qualcomm/wcn3990_firmware
Published Dec 15, 2022
Tracked Since Feb 18, 2026