CVE-2022-25737

HIGH

Qualcomm Mdm8207 Firmware - Use of Uninitialized Resource

Title source: rule
STIX 2.1

Description

Information disclosure in modem due to missing NULL check while reading packets received from local network

References (1)

Scores

CVSS v3 7.5
EPSS 0.0030
EPSS Percentile 53.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-457 CWE-908
Status published
Products (12)
qualcomm/mdm8207_firmware
qualcomm/mdm9205_firmware
qualcomm/mdm9206_firmware
qualcomm/mdm9207_firmware
qualcomm/qca4004_firmware
qualcomm/qts110_firmware
qualcomm/snapdragon_wear_1100_firmware
qualcomm/snapdragon_wear_1200_firmware
qualcomm/snapdragon_wear_1300_firmware
qualcomm/snapdragon_x5_lte_modem_firmware
... and 2 more
Published Apr 13, 2023
Tracked Since Feb 18, 2026