CVE-2022-25733

Q: What is the severity of CVE-2022-25733?

CVE-2022-25733 has a CVSS score of 7.5 (HIGH). CVE-2022-25733 is a null pointer dereference vulnerability in Qualcomm modem firmware that allows denial of service attacks. When processing specially crafted DNS packets, the modem can crash, disrupting cellular connectivity. This affects devices using vulnerable Qualcomm modem chipsets.

7.5 HIGH

Denial of Service

📋 TL;DR

CVE-2022-25733 is a null pointer dereference vulnerability in Qualcomm modem firmware that allows denial of service attacks. When processing specially crafted DNS packets, the modem can crash, disrupting cellular connectivity. This affects devices using vulnerable Qualcomm modem chipsets.

💻 Affected Systems

Products:

Qualcomm modem chipsets

Versions: Specific vulnerable versions not publicly detailed in advisory

Operating Systems: Any OS using affected Qualcomm modem firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm modem firmware; exact chipset models not specified in public advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete loss of cellular connectivity requiring device reboot, potentially affecting mission-critical communications in industrial or emergency devices.

🟠

Likely Case

Temporary service disruption affecting mobile data and voice calls until modem resets or device reboots.

🟢

If Mitigated

Minimal impact with proper network filtering and updated firmware preventing malicious DNS packets from reaching vulnerable devices.

🌐 Internet-Facing: MEDIUM - Requires sending malicious DNS packets to vulnerable devices, but cellular networks have some inherent filtering.

🏢 Internal Only: LOW - Typically requires external network access to target cellular modems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires ability to send specially crafted DNS packets to vulnerable modem, typically from network perspective.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm February 2023 security bulletin for specific patched versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm modem firmware update. 3. Reboot device to activate new firmware.

🔧 Temporary Workarounds

Network DNS Filtering

all

Implement DNS filtering at network perimeter to block malicious DNS packets

DNS Server Hardening

all

Configure DNS servers to validate and sanitize DNS responses

🧯 If You Can't Patch

Implement strict network segmentation isolating vulnerable devices
Deploy intrusion detection/prevention systems monitoring for DNS anomalies

🔍 How to Verify

Check if Vulnerable:

Check modem firmware version against Qualcomm advisory; no public vulnerability scanner available

Check Version:

Device-specific commands vary by manufacturer; typically in device settings or diagnostic menus

Verify Fix Applied:

Verify modem firmware version matches or exceeds patched version in Qualcomm bulletin

📡 Detection & Monitoring

Log Indicators:

Modem crash logs
Unexpected modem resets
DNS processing errors in modem logs

Network Indicators:

Unusual DNS traffic patterns to cellular devices
DNS packets with malformed structures

SIEM Query:

DNS packets with abnormal size or structure AND destination to cellular IP ranges

📊 Metadata

CVE ID: CVE-2022-25733

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: February 12, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8031 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm9205 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9207 Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca4010 Firmware by Qualcomm

Qca4020 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qts110 Firmware by Qualcomm

Ssg2115p Firmware by Qualcomm

Ssg2125p Firmware by Qualcomm

Sxr1230p Firmware by Qualcomm

Sxr2230p Firmware by Qualcomm

Wcd9306 Firmware by Qualcomm

Wcd9330 Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn3999 Firmware by Qualcomm

Wcn6855 Firmware by Qualcomm

Wcn6856 Firmware by Qualcomm

Wcn7850 Firmware by Qualcomm

Wcn7851 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8832 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm