CVE-2022-33291

Q: What is the severity of CVE-2022-33291?

CVE-2022-33291 has a CVSS score of 8.2 (HIGH). This vulnerability in Qualcomm modems allows attackers to read sensitive information from device memory due to improper handling of malformed IP headers. It affects mobile devices and IoT products using vulnerable Qualcomm modem chipsets. Successful exploitation could expose network data, device identifiers, or other memory contents.

8.2 HIGH

📋 TL;DR

This vulnerability in Qualcomm modems allows attackers to read sensitive information from device memory due to improper handling of malformed IP headers. It affects mobile devices and IoT products using vulnerable Qualcomm modem chipsets. Successful exploitation could expose network data, device identifiers, or other memory contents.

💻 Affected Systems

Products:

Qualcomm modem chipsets

Versions: Specific affected versions not publicly detailed in bulletin

Operating Systems: Android and other mobile OS using Qualcomm modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm modem firmware. Exact chipset models not specified in public bulletin.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker gains access to sensitive modem memory contents including IMSI, IMEI, network keys, or other device identifiers, potentially enabling tracking, impersonation, or further attacks.

🟠

Likely Case

Information disclosure of network-related data or device identifiers that could be used for tracking or profiling devices.

🟢

If Mitigated

Limited impact with proper network segmentation and modem isolation, though some information leakage may still occur.

🌐 Internet-Facing: MEDIUM - Requires sending malformed packets to modem interface, but many devices have modems exposed to cellular networks.

🏢 Internal Only: LOW - Typically requires direct access to modem interfaces which are usually isolated from internal networks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires sending specially crafted IP packets to modem interface. No public exploit code available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided modem firmware patches. 3. Reboot device to activate new firmware.

🔧 Temporary Workarounds

Network filtering

all

Implement network filtering to block malformed IP packets at network perimeter

Modem isolation

all

Isolate modem interfaces from untrusted networks where possible

🧯 If You Can't Patch

Segment network to limit modem interface exposure
Monitor for unusual modem traffic patterns or memory access attempts

🔍 How to Verify

Check if Vulnerable:

Check device modem firmware version against manufacturer security bulletins

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: Settings > About Phone > Baseband version)

Verify Fix Applied:

Verify modem firmware has been updated to version containing April 2023 Qualcomm security patches

📡 Detection & Monitoring

Log Indicators:

Modem crash logs
Memory access violation logs in modem subsystem

Network Indicators:

Malformed IP packets targeting modem interfaces
Unusual modem traffic patterns

SIEM Query:

Not applicable - detection primarily at modem firmware level

📊 Metadata

CVE ID: CVE-2022-33291

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWE: CWE-126

Published: April 13, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

9205 Lte Modem Firmware by Qualcomm

9206 Lte Modem Firmware by Qualcomm

9207 Lte Modem Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Home Hub 100 Platform Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca4010 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qcs400 Firmware by Qualcomm

Qts110 Firmware by Qualcomm

Snapdragon 1100 Wearable Platform Firmware by Qualcomm

Snapdragon 1200 Wearable Platform Firmware by Qualcomm

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

Snapdragon Wear 1300 Platform Firmware by Qualcomm

Snapdragon X5 Lte Modem Firmware by Qualcomm

Ssg2115p Firmware by Qualcomm

Ssg2125p Firmware by Qualcomm

Sxr1230p Firmware by Qualcomm

Sxr2230p Firmware by Qualcomm

Wcd9306 Firmware by Qualcomm

Wcd9330 Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn3999 Firmware by Qualcomm

Wcn685x 1 Firmware by Qualcomm

Wcn685x 5 Firmware by Qualcomm

Wcn785x 1 Firmware by Qualcomm

Wcn785x 5 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8832 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm