Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-22614

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 Apr, 2023 | 00:00
Updated At-11 Feb, 2025 | 20:09
Rejected At-
Credits

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 Apr, 2023 | 00:00
Updated At:11 Feb, 2025 | 20:09
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.insyde.com/security-pledge
N/A
https://www.insyde.com/security-pledge/SA-2023020
N/A
https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
N/A
Hyperlink: https://www.insyde.com/security-pledge
Resource: N/A
Hyperlink: https://www.insyde.com/security-pledge/SA-2023020
Resource: N/A
Hyperlink: https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.insyde.com/security-pledge
x_transferred
https://www.insyde.com/security-pledge/SA-2023020
x_transferred
https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
x_transferred
Hyperlink: https://www.insyde.com/security-pledge
Resource:
x_transferred
Hyperlink: https://www.insyde.com/security-pledge/SA-2023020
Resource:
x_transferred
Hyperlink: https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Apr, 2023 | 21:15
Updated At:11 Feb, 2025 | 20:15

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.42.52.0026
cpe:2.3:a:insyde:insydeh2o:05.42.52.0026:*:*:*:*:*:*:*
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.43.01.0026
cpe:2.3:a:insyde:insydeh2o:05.43.01.0026:*:*:*:*:*:*:*
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.43.12.0056
cpe:2.3:a:insyde:insydeh2o:05.43.12.0056:*:*:*:*:*:*:*
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.44.34.0054
cpe:2.3:a:insyde:insydeh2o:05.44.34.0054:*:*:*:*:*:*:*
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.44.45.0015
cpe:2.3:a:insyde:insydeh2o:05.44.45.0015:*:*:*:*:*:*:*
Insyde Software Corp. (ISC)
insyde
>>insydeh2o>>05.44.45.0028
cpe:2.3:a:insyde:insydeh2o:05.44.45.0028:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-787Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/cve@mitre.org
Exploit
Third Party Advisory
https://www.insyde.com/security-pledgecve@mitre.org
Vendor Advisory
https://www.insyde.com/security-pledge/SA-2023020cve@mitre.org
Vendor Advisory
https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://www.insyde.com/security-pledgeaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://www.insyde.com/security-pledge/SA-2023020af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.insyde.com/security-pledge
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.insyde.com/security-pledge/SA-2023020
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://research.nccgroup.com/2023/04/11/stepping-insyde-system-management-mode/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.insyde.com/security-pledge
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://www.insyde.com/security-pledge/SA-2023020
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

62Records found
CVE-2019-8604
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.21% / 43.46%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23594
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.03%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:32
Updated-23 Apr, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming `GraphDef` before converting it to the MLIR-based dialect. If an attacker changes the `SavedModel` format on disk to invalidate these assumptions and the `GraphDef` is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23087
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-8.8||HIGH
EPSS-0.09% / 26.81%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 05:01
Updated-27 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bhyve e82545 device emulation out-of-bounds write

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When checksum offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to specify the checksum offset in the on-stack buffer. The offset was not validated for certain packet types. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context. The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSDfreebsd
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-4924
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.8||HIGH
EPSS-0.07% / 22.39%
||
7 Day CHG~0.00%
Published-15 Sep, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-fusionesxiworkstation_proFusionESXiWorkstation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22026
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.42%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 22:36
Updated-08 Jul, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2016 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 20H2Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server version 20H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2016Windows 7Windows 11 version 21H2Windows 7 Service Pack 1Windows 10 Version 21H1
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-2902
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.14% / 35.14%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-27 Sep, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11210
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarepm6125_firmwarepm4125qcs2290_firmwarepmi632pm6125qat3519qcs4290wcn3950_firmwareqcs2290qca6390_firmwaresmb1396wcd9370qpa4361_firmwaresdr425qca9984_firmwaresdr425_firmwarewcn3998pmi632_firmwaresmr526_firmwarewcd9385_firmwarewcn3950qat5516sm4125qsw8573_firmwarewgr7640_firmwaresd662qsw8574_firmwaresd460_firmwareqsw6310_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwarepm6150asmb1354sdr735gqat5515_firmwarewcn3999sd662_firmwareqcs405wcn3988_firmwareqat3522sdr735_firmwareqat3519_firmwarewsa8810_firmwareqat5515sdr660qpa6560pm6350_firmwareqcs4290_firmwarewcd9385qdm2302_firmwarepm4125_firmwarear8035qca6390wcd9375qpa8673wcn3910_firmwarepm6350qet6105wcn3988smb1396_firmwarewcn6850_firmwarewsa8815_firmwarewtr3925_firmwarewtr3925qat5516_firmwarepm6150lqcm2290_firmwareqtc410swcn3991smb1355sdr735g_firmwarewgr7640qpa8673_firmwareqet4101_firmwaresmb1354_firmwarepm7250bsd665_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqpa4360pmk8003_firmwaresdr660_firmwareqpa4361sdr735smr526wcn3980pmk8003pm6150l_firmwareqat3522_firmwareqdm2301qtm525qsw8573sm4125_firmwarewsa8815wcn6850sd665wcn3910pm6150a_firmwareqdm2301_firmwareqca9984qat3555wcn3980_firmwaresd460smb1351pm8008qtm525_firmwareqsw8574wtr2965_firmwareqcm4290sd480_firmwareqpa6560_firmwarepmd9655qsw6310qet6105_firmwarepm8008_firmwarepm4250_firmwareqcm4290_firmwareqtc410s_firmwaresd480wsa8810pm4250qdm2302qcs405_firmwarewtr2965wcd9370_firmwareqet4101qat3555_firmwarear8035_firmwareqcm2290Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0792
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.80%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3491
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.71%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b ("io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c ("io_uring: add IORING_OP_PROVIDE_BUFFERS") (v5.7-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-27242
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.19% / 41.36%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 21:05
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11926.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-38420
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 9.44%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Hypervisor

Memory corruption while configuring a Hypervisor based input virtual device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqca6421snapdragon_678_mobilesnapdragon_ar2_gen_1qcm6490_firmwaresd675qcn6224_firmwareqca6420snapdragon_670_mobile_firmwaresa7775p_firmwaresa8775pqca6574au_firmwaresc8180x-ad_firmwaresd670_firmwareqam8775pqca6584ausnapdragon_x65_5g_modem-rf_firmwarewcd9326qca6430sa8255pqdu1210_firmwaresnapdragon_x62_5g_modem-rfwcd9370_firmwaresnapdragon_888_5g_mobileqcc710_firmwareqru1052qdu1000_firmwaresc8180xp-acafsa8540p_firmwarerobotics_rb3_firmwaresd675_firmwaresnapdragon_865\+_5g_mobilesnapdragon_675_mobileqep8111_firmwaresd_8_gen1_5g_firmwarerobotics_rb3qru1032sxr2130qca6574ssg2115p_firmwareqcm8550sa8650psa8770p_firmwareqca6698aq_firmwaresa8775p_firmwaresnapdragon_x55_5g_modem-rf_firmwareqamsrv1m_firmwaresnapdragon_865_5g_mobilewcd9326_firmwaresnapdragon_670_mobileqca6421_firmwaresnapdragon_xr2_5gfastconnect_6800wsa8810qdx1011snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwaresnapdragon_888\+_5g_mobilewcd9375snapdragon_855_mobilesnapdragon_870_5g_mobile_firmwaresc8180x-aaabqdu1000sa6155fastconnect_6200_firmwarevision_intelligence_300snapdragon_855\+_mobilesa6155psnapdragon_765g_5g_mobile_firmwareqca6335_firmwarevideo_collaboration_vc3_platformqamsrv1h_firmwaresnapdragon_860_mobile_firmwarewsa8830_firmwareqca8081qdu1110_firmwaresc8380xpwcd9385wsa8840_firmwareqfw7124_firmwarewsa8840qca6426qfw7124qca6696sa8155p_firmwareqca6595snapdragon_678_mobile_firmwareqca8337snapdragon_845_mobile_firmwareqca8337_firmwareqam8650psxr1230p_firmwaresxr2330pvision_intelligence_400_firmwaresnapdragon_x24_lte_modemsrv1mqcs5430_firmwareqru1062qam8775p_firmwaresnapdragon_ar1_gen_1sm7250p_firmwaresnapdragon_x50_5g_modem-rf_firmwareqcm5430qcs9100qca6335sa8295p_firmwaresd855_firmwareqca9377sa9000pwsa8835aqt1000_firmwareqca8081_firmwareqca6797aq_firmwarefastconnect_7800wcd9340snapdragon_xr2_5g_firmwareqca6174aqca6574ausnapdragon_765_5g_mobilesnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwaresd_675_firmwarewcn3990fastconnect_6700qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqdx1011_firmwareqcs9100_firmwareqru1032_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwareqcn6274sc8180x-adsc8280xp-abbb_firmwarewsa8815snapdragon_768g_5g_mobile_firmwaresxr1230pqru1062_firmwaresdx57mqca6574a_firmwaresdx55_firmwaresa8620pqca6430_firmwaresrv1lsrv1h_firmwareqcs6490sa8540psa6155_firmwaresc8180x-acaf_firmwaresa9000p_firmwaresa7775psnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwaresnapdragon_855_mobile_firmwareqep8111sa7255psnapdragon_x35_5g_modem-rfqdu1210qamsrv1mqcs5430qam8295p_firmwareqcs8550_firmwareqcm6490qru1052_firmwareqdu1010_firmwaresnapdragon_x50_5g_modem-rfssg2125p_firmwaresa8650p_firmwareqcn6274_firmwarewcn3950_firmwareqca6391snapdragon_x65_5g_modem-rfvision_intelligence_400qcn9274_firmwareqca6564aqca6310qdu1110sdx57m_firmwarewcn3950video_collaboration_vc3_platform_firmwarewsa8845_firmwaresnapdragon_x55_5g_modem-rfqca6574_firmwareqcm8550_firmwaresa8150p_firmwarear8035qca6564a_firmwaresrv1l_firmwaresc8180xp-aaab_firmwarewsa8845hsa6155p_firmwarewcd9341wcd9395_firmwaresa8155sc8180x-aaab_firmwarewcn3990_firmwarefastconnect_6900qca6574aqca6431wcd9375_firmwarewcd9385_firmwareqam8650p_firmwaresnapdragon_855\+_mobile_firmwareqcn9274snapdragon_850_mobile_computesnapdragon_860_mobileqca6310_firmwaresa8295psa6145p_firmwaresa6145psdx80msa8620p_firmwaresnapdragon_888_5g_mobile_firmwaresdx80m_firmwaresa7255p_firmwareqca6595_firmwaresnapdragon_765g_5g_mobilevision_intelligence_300_firmwareqamsrv1hsdx55sc8180xp-acaf_firmwaresnapdragon_865\+_5g_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rf_firmwareqsm8350qca6436_firmwaresa8155pwsa8832_firmwaresd_8cxqca6564ausc8180xp-adsxr2130_firmwareqcs6490_firmwareqca6595au_firmwareqcn6224sa8255p_firmwareqca6595ausc8180xp-ad_firmwareqam8255psc8280xp-abbbqca6431_firmwaresrv1hsnapdragon_845_mobileqam8620par8035_firmwaresc8380xp_firmwareqsm8350_firmwaresd865_5g_firmwaresd865_5gwsa8845h_firmwaresnapdragon_675_mobile_firmwareqdx1010_firmwaresnapdragon_x62_5g_modem-rf_firmwarewsa8845snapdragon_ar2_gen_1_firmwarewcd9380_firmwaresd855qca6391_firmwareqca6174a_firmwareqdx1010qdu1010wcn3980wcd9370wcd9340_firmwaresc8180x-acafqca6426_firmwaressg2125pqca6678aqsnapdragon_765_5g_mobile_firmwaresnapdragon_x75_5g_modem-rfwcd9341_firmwaresa8155_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwareqca6564au_firmwareqam8295pqam8620p_firmwaresnapdragon_888\+_5g_mobile_firmwareqca6797aqqcs8550sa8150psnapdragon_768g_5g_mobileqcm5430_firmwaresnapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsnapdragon_ar1_gen_1_firmwarewsa8810_firmwaresd_8cx_firmwareqcc710sm7250pssg2115psnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqca6420_firmwareqca9377_firmwaresc8180xp-aaabsnapdragon_850_mobile_compute_firmwaresd670wsa8830wsa8815_firmwaresa8770psnapdragon_x24_lte_modem_firmwarefastconnect_6200wcn3980_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6678aq_firmwareqca6698aqqca6436fastconnect_6900_firmwareqfw7114sd_675aqt1000fastconnect_6800_firmwarewcd9390wcd9395qfw7114_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1942
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.05% / 15.38%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055sd_8cx_gen3_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610wsa8830qcs2290_firmwarefsm10056qca8337sd7c_firmwarewcd9360_firmwarecsra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426qrb5165n_firmwareqca9984_firmwaresa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950sd720gsm6375_firmwaresd662sd460_firmwareqcn9011_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6420qca6436_firmwarewcd9360qrb5165nqca6564au_firmwaresd778gsa6155p_firmwaresm6225wcn3999sd_8cx_gen2sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gsa4155p_firmwaresa8155_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsw5100sd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335sa6155pqcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresd_8cx_gen3qca6390ar8035sd750g_firmwareaqt1000sa8150psxr2150p_firmwaresm6250_firmwarewcd9375wcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcx315qca6564awcn6750_firmwaresa4150pqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd_675sw5100psd865_5gqca6564ausdx55m_firmwarewcn6856_firmwareqcn9012wsa8835qca6574qcx315_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6430_firmwareqcn9012_firmwarewcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwarewcd9340_firmwaresd855wsa8815sm7325p_firmwaresd7cwcn3910wcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwareqca9984sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sd730sdx55msxr2150paqt1000_firmwaresd678_firmwarear8031_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwareqcn9011sm6225_firmwareqca6574ausa8155p_firmwareqca6564a_firmwaresdx57mwcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sa6145pqca6564_firmwaresd768gar8031qcs405_firmwaresa8145pqca6696qca6391_firmwaresa4150p_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640sd675sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresa4155par8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • Next
Details not found