CVE-2022-40503
HIGHQualcomm Modem Firmware - Out-of-bounds Read in Bluetooth A2DP Streaming
Title source: llmDescription
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
References (1)
Core 1
Core References
Patch, Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin
Scores
CVSS v3
8.2
EPSS
0.0041
EPSS Percentile
32.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
CWE-126
Status
published
Products (50)
qualcomm/8905_firmware
qualcomm/8909_firmware
qualcomm/8953_firmware
qualcomm/8953pro_firmware
qualcomm/9206_lte_modem_firmware
qualcomm/apq5053-aa_firmware
qualcomm/apq8017_firmware
qualcomm/apq8053-aa_firmware
qualcomm/apq8053-ac_firmware
qualcomm/apq8053-lite_firmware
... and 40 more
Published
Apr 13, 2023
Tracked Since
Feb 18, 2026