CVE-2022-33248

Q: What is the severity of CVE-2022-33248?

CVE-2022-33248 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption in Qualcomm's User Identity Module due to an integer overflow that leads to buffer overflow when processing segments via QMI HTTP. It affects devices using Qualcomm chipsets with vulnerable firmware. Attackers could potentially execute arbitrary code or cause denial of service.

7.8 HIGH

Buffer Overflow

📋 TL;DR

This vulnerability allows memory corruption in Qualcomm's User Identity Module due to an integer overflow that leads to buffer overflow when processing segments via QMI HTTP. It affects devices using Qualcomm chipsets with vulnerable firmware. Attackers could potentially execute arbitrary code or cause denial of service.

💻 Affected Systems

Products:

Qualcomm chipsets with User Identity Module functionality

Versions: Specific firmware versions not publicly detailed in advisory

Operating Systems: Android and other embedded systems using Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Qualcomm chipsets that have the vulnerable User Identity Module component. Exact device models depend on chipset implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Denial of service causing device crashes or instability, potentially requiring physical reset.

🟢

If Mitigated

Limited impact with proper network segmentation and exploit mitigations, possibly just crashes without code execution.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted QMI HTTP segments to trigger the integer overflow. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm security bulletin for specific firmware versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through OEM firmware updates. 3. Reboot device after update. 4. Verify patch installation.

🔧 Temporary Workarounds

Network segmentation

all

Restrict network access to QMI HTTP interfaces

Firewall rules

all

Block unnecessary QMI HTTP traffic at network perimeter

🧯 If You Can't Patch

Isolate affected devices from untrusted networks
Implement strict network access controls and monitoring

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm security bulletin. Use 'getprop ro.build.fingerprint' on Android devices to identify chipset.

Check Version:

Android: getprop ro.build.fingerprint; Other: Check device firmware version in settings

Verify Fix Applied:

Verify firmware version has been updated to patched version specified in Qualcomm advisory.

📡 Detection & Monitoring

Log Indicators:

Unexpected QMI HTTP segment processing errors
Memory corruption logs in system logs
Device crashes or reboots

Network Indicators:

Unusual QMI HTTP traffic patterns
Malformed QMI HTTP segments

SIEM Query:

Search for QMI HTTP protocol anomalies or memory corruption events in device logs

📊 Metadata

CVE ID: CVE-2022-33248

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-680

Published: February 12, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009 Firmware by Qualcomm

Apq8009w Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8037 Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Mdm9150 Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8108 Firmware by Qualcomm

Msm8208 Firmware by Qualcomm

Msm8209 Firmware by Qualcomm

Msm8608 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8917 Firmware by Qualcomm

Msm8937 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcc5100 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs603 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qcx315 Firmware by Qualcomm

Qet4101 Firmware by Qualcomm

Qsw8573 Firmware by Qualcomm

Qualcomm215 Firmware by Qualcomm

Sa415m Firmware by Qualcomm

Sa515m Firmware by Qualcomm

Sc8180x Firmware by Qualcomm

Sd 455 Firmware by Qualcomm

Sd 636 Firmware by Qualcomm

Sd 675 Firmware by Qualcomm

Sd 8 Gen1 5g Firmware by Qualcomm

Sd 8cx Gen2 Firmware by Qualcomm

Sd205 Firmware by Qualcomm

Sd210 Firmware by Qualcomm

Sd429 Firmware by Qualcomm

Sd439 Firmware by Qualcomm

Sd460 Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd660 Firmware by Qualcomm

Sd662 Firmware by Qualcomm