CVE-2022-40521

Q: What is the severity of CVE-2022-40521?

CVE-2022-40521 has a CVSS score of 7.5 (HIGH). CVE-2022-40521 is an improper authorization vulnerability in Qualcomm modem firmware that allows attackers to cause a transient denial of service (DoS) by sending specially crafted requests. This affects mobile devices and IoT devices using vulnerable Qualcomm modem chipsets. The vulnerability requires local access to the modem interface.

7.5 HIGH

Denial of Service

📋 TL;DR

CVE-2022-40521 is an improper authorization vulnerability in Qualcomm modem firmware that allows attackers to cause a transient denial of service (DoS) by sending specially crafted requests. This affects mobile devices and IoT devices using vulnerable Qualcomm modem chipsets. The vulnerability requires local access to the modem interface.

💻 Affected Systems

Products:

Qualcomm modem chipsets (specific models not publicly detailed)

Versions: Specific vulnerable versions not publicly disclosed

Operating Systems: Android and other mobile OS using Qualcomm modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm modem firmware. Exact chipset models are detailed in Qualcomm's restricted security bulletins.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete loss of cellular connectivity requiring device reboot, potentially disrupting critical communications in mobile devices or IoT systems.

🟠

Likely Case

Temporary loss of cellular data/voice services until modem resets, causing service disruption for affected devices.

🟢

If Mitigated

Minimal impact with proper network segmentation and access controls limiting modem interface exposure.

🌐 Internet-Facing: LOW - Requires local access to modem interface, not directly exploitable over internet.

🏢 Internal Only: MEDIUM - Could be exploited by malicious apps or compromised processes with modem access.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to modem interface. No public exploit code available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in June 2023 security updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for security updates. 2. Apply June 2023 or later security patches. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict modem interface access

android

Limit which applications and processes can access modem interfaces through SELinux/AppArmor policies

# Configure SELinux policies to restrict modem access
# Review and restrict modem-related permissions in app manifests

🧯 If You Can't Patch

Implement strict application sandboxing to prevent unauthorized modem access
Monitor for abnormal modem reset events and cellular service disruptions

🔍 How to Verify

Check if Vulnerable:

Check device security patch level - if before June 2023, likely vulnerable. Contact device manufacturer for specific modem firmware version checks.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level is June 2023 or later in device settings > About phone > Android version > Security patch level.

📡 Detection & Monitoring

Log Indicators:

Unexpected modem resets
Modem crash logs
Cellular service disruption events

Network Indicators:

Sudden loss of cellular connectivity without network cause
Abnormal modem state transitions

SIEM Query:

Search for modem crash events or cellular service disruption logs correlated with suspicious process activity

📊 Metadata

CVE ID: CVE-2022-40521

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-285

Published: June 6, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

8953pro Firmware by Qualcomm

9205 Lte Modem Firmware by Qualcomm

9206 Lte Modem Firmware by Qualcomm

9207 Lte Modem Firmware by Qualcomm

Apq5053 Aa Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8037 Firmware by Qualcomm

Apq8053 Aa Firmware by Qualcomm

Apq8053 Ac Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar6003 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

C V2x 9150 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm8215 Firmware by Qualcomm

Mdm8215m Firmware by Qualcomm

Mdm8615m Firmware by Qualcomm

Mdm9215 Firmware by Qualcomm

Mdm9230 Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9310 Firmware by Qualcomm

Mdm9330 Firmware by Qualcomm

Mdm9615 Firmware by Qualcomm

Mdm9615m Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Mdm9630 Firmware by Qualcomm

Mdm9640 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8108 Firmware by Qualcomm

Msm8209 Firmware by Qualcomm

Msm8608 Firmware by Qualcomm

Msm8905 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca6174 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584 Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm4490 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm