CVE-2022-33229

Q: What is the severity of CVE-2022-33229?

CVE-2022-33229 has a CVSS score of 8.2 (HIGH). This vulnerability allows attackers to read sensitive information from modem memory due to a buffer over-read when processing IPv4 packets. It affects devices with Qualcomm modems, potentially exposing network data or device information. The impact is limited to information disclosure rather than code execution.

8.2 HIGH

📋 TL;DR

This vulnerability allows attackers to read sensitive information from modem memory due to a buffer over-read when processing IPv4 packets. It affects devices with Qualcomm modems, potentially exposing network data or device information. The impact is limited to information disclosure rather than code execution.

💻 Affected Systems

Products:

Qualcomm modem chipsets and devices using them

Versions: Specific affected versions not publicly detailed; refer to Qualcomm advisory for chipset-specific information

Operating Systems: Android and other mobile OS using Qualcomm modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm modem firmware; exact chipset models in Qualcomm advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could read sensitive modem memory contents including network credentials, device identifiers, or temporary packet data, potentially enabling further attacks.

🟠

Likely Case

Limited information disclosure of packet data or adjacent memory regions, potentially revealing network metadata or partial packet contents.

🟢

If Mitigated

With proper network segmentation and modem isolation, impact is limited to the modem subsystem with no access to main system memory.

🌐 Internet-Facing: MEDIUM - Requires sending specially crafted IPv4 packets to the modem interface, which may be exposed on cellular networks.

🏢 Internal Only: LOW - Typically requires local network access or cellular network proximity to target the modem interface.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting IPv4 packets targeting the modem interface; no public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to device manufacturer updates for specific modem firmware versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for security updates. 2. Apply modem firmware updates via OTA or manufacturer tools. 3. Reboot device after update.

🔧 Temporary Workarounds

Network segmentation

all

Isolate modem interfaces from untrusted networks

Firewall restrictions

all

Block unnecessary IPv4 traffic to modem interfaces

🧯 If You Can't Patch

Segment modem network interfaces from production networks
Monitor for unusual modem traffic patterns or memory access attempts

🔍 How to Verify

Check if Vulnerable:

Check device modem firmware version against manufacturer security bulletins

Check Version:

Device-specific; typically in Settings > About Phone > Baseband Version

Verify Fix Applied:

Verify modem firmware version has been updated to patched version

📡 Detection & Monitoring

Log Indicators:

Unusual modem memory access patterns
Modem crash logs or reset events

Network Indicators:

Malformed IPv4 packets targeting modem interfaces
Unusual traffic to modem IP ranges

SIEM Query:

Search for modem interface errors or memory access violations in device logs

📊 Metadata

CVE ID: CVE-2022-33229

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWE: CWE-126

Published: February 12, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8031 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm9205 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9207 Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca4010 Firmware by Qualcomm

Qca4020 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qts110 Firmware by Qualcomm

Wcd9306 Firmware by Qualcomm

Wcd9330 Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3999 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm