CVE-2022-33288

9.3 CRITICAL

Buffer Overflow

📋 TL;DR

CVE-2022-33288 is a critical buffer overflow vulnerability in Qualcomm's Core component that allows memory corruption when sending SCM commands to retrieve write protection information. Attackers can exploit this to execute arbitrary code with kernel privileges. This affects devices using Qualcomm chipsets, particularly Android smartphones and IoT devices.

💻 Affected Systems

Products:

• Qualcomm chipsets with Core component
• Android devices using affected Qualcomm chips
• IoT devices with affected Qualcomm hardware

Versions: Multiple Qualcomm chipset versions prior to April 2023 security updates

Operating Systems: Android, Linux-based systems using Qualcomm chips

Default Config Vulnerable: ⚠️ Yes

Notes: Specific chipset models include various Snapdragon processors. Check Qualcomm advisory for exact affected products.

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

View all CVEs affecting 315 5g Iot Modem Firmware →

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Flight Rb5 5g Platform Firmware by Qualcomm

View all CVEs affecting Flight Rb5 5g Platform Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6335 Firmware by Qualcomm

View all CVEs affecting Qca6335 Firmware →

Qca6390 Firmware by Qualcomm

View all CVEs affecting Qca6390 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6564a Firmware by Qualcomm

View all CVEs affecting Qca6564a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn9011 Firmware by Qualcomm

View all CVEs affecting Qcn9011 Firmware →

Qcn9012 Firmware by Qualcomm

View all CVEs affecting Qcn9012 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcs603 Firmware by Qualcomm

View all CVEs affecting Qcs603 Firmware →

Qcs605 Firmware by Qualcomm

View all CVEs affecting Qcs605 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qrb5165 Firmware by Qualcomm

View all CVEs affecting Qrb5165 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qsm8250 Firmware by Qualcomm

View all CVEs affecting Qsm8250 Firmware →

Qsm8350 Firmware by Qualcomm

View all CVEs affecting Qsm8350 Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6155 Firmware by Qualcomm

View all CVEs affecting Sa6155 Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155 Firmware by Qualcomm

View all CVEs affecting Sa8155 Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sa8540p Firmware by Qualcomm

View all CVEs affecting Sa8540p Firmware →

Sa9000p Firmware by Qualcomm

View all CVEs affecting Sa9000p Firmware →

Sc8180x\+sdx55 Firmware by Qualcomm

View all CVEs affecting Sc8180x\+sdx55 Firmware →

Sd 675 Firmware by Qualcomm

View all CVEs affecting Sd 675 Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd 8cx Firmware by Qualcomm

View all CVEs affecting Sd 8cx Firmware →

Sd 8cx Gen2 Firmware by Qualcomm

View all CVEs affecting Sd 8cx Gen2 Firmware →

Sd 8cx Gen3 Firmware by Qualcomm

View all CVEs affecting Sd 8cx Gen3 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd675 Firmware by Qualcomm

View all CVEs affecting Sd675 Firmware →

Sd778g Firmware by Qualcomm

View all CVEs affecting Sd778g Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sda\/sdm845 Firmware by Qualcomm

View all CVEs affecting Sda\/sdm845 Firmware →

Sdm670 Firmware by Qualcomm

View all CVEs affecting Sdm670 Firmware →

Sdm845 Firmware by Qualcomm

View all CVEs affecting Sdm845 Firmware →

Sdm850 Firmware by Qualcomm

View all CVEs affecting Sdm850 Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sdx57m Firmware by Qualcomm

View all CVEs affecting Sdx57m Firmware →

Sm6150 Ac Firmware by Qualcomm

View all CVEs affecting Sm6150 Ac Firmware →

Sm6150 Firmware by Qualcomm

View all CVEs affecting Sm6150 Firmware →

Sm6350 Firmware by Qualcomm

View all CVEs affecting Sm6350 Firmware →

Sm7225 Firmware by Qualcomm

View all CVEs affecting Sm7225 Firmware →

Sm7250 Aa Firmware by Qualcomm

View all CVEs affecting Sm7250 Aa Firmware →

Sm7250 Ab Firmware by Qualcomm

View all CVEs affecting Sm7250 Ab Firmware →

Sm7250 Ac Firmware by Qualcomm

View all CVEs affecting Sm7250 Ac Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325 Ae Firmware by Qualcomm

View all CVEs affecting Sm7325 Ae Firmware →

Sm7325 Af Firmware by Qualcomm

View all CVEs affecting Sm7325 Af Firmware →

Sm7325 Firmware by Qualcomm

View all CVEs affecting Sm7325 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm7350 Ab Firmware by Qualcomm

View all CVEs affecting Sm7350 Ab Firmware →

Sm8150 Ac Firmware by Qualcomm

View all CVEs affecting Sm8150 Ac Firmware →

Sm8150 Firmware by Qualcomm

View all CVEs affecting Sm8150 Firmware →

Sm8250 Ab Firmware by Qualcomm

View all CVEs affecting Sm8250 Ab Firmware →

Sm8250 Ac Firmware by Qualcomm

View all CVEs affecting Sm8250 Ac Firmware →

Sm8250 Firmware by Qualcomm

View all CVEs affecting Sm8250 Firmware →

Sm8350 Ac Firmware by Qualcomm

View all CVEs affecting Sm8350 Ac Firmware →

Sm8350 Firmware by Qualcomm

View all CVEs affecting Sm8350 Firmware →

Sm8450 Firmware by Qualcomm

View all CVEs affecting Sm8450 Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon X24 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X24 Lte Modem Firmware →

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon X70 Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X70 Modem Rf System Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn3998 Firmware by Qualcomm

View all CVEs affecting Wcn3998 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6750 Firmware by Qualcomm

View all CVEs affecting Wcn6750 Firmware →

Wcn685x 1 Firmware by Qualcomm

View all CVEs affecting Wcn685x 1 Firmware →

Wcn685x 5 Firmware by Qualcomm

View all CVEs affecting Wcn685x 5 Firmware →

Wcn785x 1 Firmware by Qualcomm

View all CVEs affecting Wcn785x 1 Firmware →

Wcn785x 5 Firmware by Qualcomm

View all CVEs affecting Wcn785x 5 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise with kernel-level code execution, allowing persistent backdoor installation, data theft, and device bricking.

🟠

Likely Case

Remote code execution leading to malware installation, data exfiltration, or device takeover in targeted attacks.

🟢

If Mitigated

Limited impact with proper security controls, potentially causing denial of service or application crashes.

🌐 Internet-Facing: HIGH - Exploitable remotely via malicious apps or network vectors on affected devices.

🏢 Internal Only: MEDIUM - Requires local access or malicious app installation, but still poses significant risk.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access or malicious app installation. No public exploit code available, but high CVSS score suggests weaponization is likely.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: April 2023 Qualcomm security updates and later

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates. 2. Apply April 2023 or later Qualcomm security patches. 3. For Android devices, install latest system updates from manufacturer. 4. Reboot device after update.

🔧 Temporary Workarounds

Restrict app permissions

android

Limit app permissions to reduce attack surface

Disable unnecessary services

all

Disable unused system services that might use SCM commands

🧯 If You Can't Patch

• Isolate affected devices on separate network segments
• Implement strict app whitelisting and vetting procedures

🔍 How to Verify

Check if Vulnerable:

Copy

Check device security patch level: Settings > About phone > Android security patch level. If before April 2023, likely vulnerable.

Check Version:

Copy

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Copy

Verify security patch level is April 2023 or later. Check Qualcomm chipset firmware version if accessible.

📡 Detection & Monitoring

Log Indicators:

• Kernel panic logs
• Memory corruption errors in system logs
• Unexpected SCM command failures

Network Indicators:

• Unusual outbound connections from system processes
• Suspicious privilege escalation attempts

SIEM Query:

Copy

source="kernel" AND ("panic" OR "corruption" OR "SCM")

📊 Metadata

CVE ID: CVE-2022-33288

CVSS v3 Score: 9.3 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-120

Published: April 13, 2023

Last Updated: November 21, 2024

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-33288, you might also want to check these:

CVE-2023-24482 10.0

This CVE describes a critical buffer overflow vulnerability in COMOS software's cache validation ser...

Same vulnerability type (CWE-120)

CVE-2024-22039 10.0

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privi...

Same vulnerability type (CWE-120)

CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with netw...

Same vulnerability type (CWE-120)