CVE-2022-33251

Q: What is the severity of CVE-2022-33251?

CVE-2022-33251 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm modems by sending invalid network configuration data. The modem crashes due to a reachable assertion when processing malformed network configuration, affecting devices with vulnerable Qualcomm modem chipsets.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm modems by sending invalid network configuration data. The modem crashes due to a reachable assertion when processing malformed network configuration, affecting devices with vulnerable Qualcomm modem chipsets.

💻 Affected Systems

Products:

Qualcomm modem chipsets
Devices with Qualcomm modems (smartphones, IoT devices, embedded systems)

Versions: Specific affected versions not publicly detailed in bulletin

Operating Systems: Android, Embedded RTOS on Qualcomm modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm modem firmware versions. Exact device models not specified in public bulletin.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent modem failure requiring device reboot or factory reset, disrupting all cellular connectivity including emergency calls.

🟠

Likely Case

Temporary modem crash causing loss of cellular connectivity until modem restarts automatically or device reboots.

🟢

If Mitigated

Minimal impact with proper network filtering and updated firmware preventing invalid configurations from reaching modem.

🌐 Internet-Facing: MEDIUM - Attackers could exploit via malicious base stations or network packets, but requires proximity or network access.

🏢 Internal Only: LOW - Internal networks typically don't send modem configuration data that would trigger this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted network configuration to modem, which could be done via malicious base station or network packets.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public bulletin - check with device manufacturers for specific firmware updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided modem firmware patches. 3. Reboot device after update. 4. Verify modem functionality post-update.

🔧 Temporary Workarounds

Network filtering

all

Implement network filtering to block invalid network configuration packets

Disable vulnerable features

all

Disable non-essential network configuration features if supported

🧯 If You Can't Patch

Implement network monitoring for abnormal modem configuration attempts
Restrict physical and network access to devices with vulnerable modems

🔍 How to Verify

Check if Vulnerable:

Check device modem firmware version against manufacturer's security bulletins

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: Settings > About phone > Baseband version)

Verify Fix Applied:

Verify modem firmware has been updated to version containing June 2023 Qualcomm security patches

📡 Detection & Monitoring

Log Indicators:

Modem crash logs
Unexpected modem resets
Network configuration errors

Network Indicators:

Abnormal network configuration packets
Unexpected modem protocol messages

SIEM Query:

Search for modem crash events or unexpected network configuration attempts in device logs

📊 Metadata

CVE ID: CVE-2022-33251

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

Published: June 6, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Sdx57m Firmware by Qualcomm

Sm4350 Ac Firmware by Qualcomm

Sm4350 Firmware by Qualcomm

Sm4375 Firmware by Qualcomm

Sm6350 Firmware by Qualcomm

Sm6375 Firmware by Qualcomm

Sm7225 Firmware by Qualcomm

Sm7250 Aa Firmware by Qualcomm

Sm7250 Ab Firmware by Qualcomm

Sm7250 Ac Firmware by Qualcomm

Sm7250p Firmware by Qualcomm

Sm7325 Ae Firmware by Qualcomm

Sm7325 Af Firmware by Qualcomm

Sm7325 Firmware by Qualcomm

Sm7325p Firmware by Qualcomm

Sm7350 Ab Firmware by Qualcomm

Sm8150 Ac Firmware by Qualcomm

Sm8150 Firmware by Qualcomm

Sm8250 Ab Firmware by Qualcomm

Sm8250 Ac Firmware by Qualcomm

Sm8250 Firmware by Qualcomm

Sm8350 Ac Firmware by Qualcomm

Sm8350 Firmware by Qualcomm

Sm8450 Firmware by Qualcomm

Sm8475 Firmware by Qualcomm

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

Snapdragon X70 Modem Rf System Firmware by Qualcomm

Snapdragon Xr2 5g Platform Firmware by Qualcomm

Sxr2130 Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9360 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wcn3991 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn6740 Firmware by Qualcomm

Wcn6750 Firmware by Qualcomm

Wcn685x 1 Firmware by Qualcomm

Wcn685x 5 Firmware by Qualcomm

Wcn785x 1 Firmware by Qualcomm

Wcn785x 5 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm

⚠️ Risk & Real-World Impact

Worst Case

Likely Case