9.8
CRITICAL
CVE-2022-22096
Snapdragon Connectivity Snapdragon Mobile Stack-Based Buffer Overflow
Description

Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile

INFO

Published Date :

Sept. 2, 2022, 12:15 p.m.

Last Modified :

Nov. 21, 2024, 6:46 a.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2022-22096 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2022-22096 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Qualcomm aqt1000_firmware
2 Qualcomm qca6390_firmware
3 Qualcomm qca6391_firmware
4 Qualcomm sd_8_gen1_5g_firmware
5 Qualcomm sd855_firmware
6 Qualcomm sd865_5g_firmware
7 Qualcomm sd870_firmware
8 Qualcomm sd888_5g_firmware
9 Qualcomm sdx55m_firmware
10 Qualcomm wcd9341_firmware
11 Qualcomm wcd9380_firmware
12 Qualcomm wcd9385_firmware
13 Qualcomm wcn3980_firmware
14 Qualcomm wcn3988_firmware
15 Qualcomm wcn3998_firmware
16 Qualcomm wcn6850_firmware
17 Qualcomm wcn6851_firmware
18 Qualcomm wcn6855_firmware
19 Qualcomm wcn6856_firmware
20 Qualcomm wcn7850_firmware
21 Qualcomm wcn7851_firmware
22 Qualcomm wsa8810_firmware
23 Qualcomm wsa8815_firmware
24 Qualcomm wsa8830_firmware
25 Qualcomm wsa8835_firmware
26 Qualcomm wcn3991_firmware
27 Qualcomm wcn6750_firmware
28 Qualcomm sd460_firmware
29 Qualcomm sd662_firmware
30 Qualcomm sd730_firmware
31 Qualcomm sd888_firmware
32 Qualcomm sm6250_firmware
33 Qualcomm sm7250p_firmware
34 Qualcomm sm7315_firmware
35 Qualcomm sm7325p_firmware
36 Qualcomm sm8475_firmware
37 Qualcomm wcd9370_firmware
38 Qualcomm wcd9375_firmware
39 Qualcomm wcn3950_firmware
40 Qualcomm wcn6740_firmware
41 Qualcomm wsa8832_firmware
42 Qualcomm sd480_firmware
43 Qualcomm sd695_firmware
44 Qualcomm sd690_5g_firmware
45 Qualcomm sd765_firmware
46 Qualcomm sd765g_firmware
47 Qualcomm sd768g_firmware
48 Qualcomm sd778g_firmware
49 Qualcomm sd780g_firmware
50 Qualcomm sd_675_firmware
51 Qualcomm sd675_firmware
52 Qualcomm sd678_firmware
53 Qualcomm sd665_firmware
54 Qualcomm sd680_firmware
55 Qualcomm sd720g_firmware
56 Qualcomm sm7450_firmware
57 Qualcomm sm8475p_firmware
58 Qualcomm aqt1000
59 Qualcomm qca6390
60 Qualcomm qca6391
61 Qualcomm sd_675
62 Qualcomm sd460
63 Qualcomm sd662
64 Qualcomm sd665
65 Qualcomm sd675
66 Qualcomm sd690_5g
67 Qualcomm sd720g
68 Qualcomm sd730
69 Qualcomm sd765
70 Qualcomm sd765g
71 Qualcomm sd768g
72 Qualcomm sd855
73 Qualcomm sd865_5g
74 Qualcomm sd888_5g
75 Qualcomm sdx55m
76 Qualcomm sm6250
77 Qualcomm sm7250p
78 Qualcomm wcd9341
79 Qualcomm wcd9370
80 Qualcomm wcd9375
81 Qualcomm wcd9380
82 Qualcomm wcd9385
83 Qualcomm wcn3950
84 Qualcomm wcn3980
85 Qualcomm wcn3988
86 Qualcomm wcn3991
87 Qualcomm wcn3998
88 Qualcomm wcn6740
89 Qualcomm wcn6750
90 Qualcomm wcn6850
91 Qualcomm wcn6851
92 Qualcomm wcn6856
93 Qualcomm wsa8810
94 Qualcomm wsa8815
95 Qualcomm wsa8830
96 Qualcomm wsa8835
97 Qualcomm wcn6855
98 Qualcomm sd480
99 Qualcomm sd888
100 Qualcomm sm8475
101 Qualcomm wcn7850
102 Qualcomm wcn7851
103 Qualcomm sm7315
104 Qualcomm sm7325p
105 Qualcomm wsa8832
106 Qualcomm sd870
107 Qualcomm sd678
108 Qualcomm sd778g
109 Qualcomm sd780g
110 Qualcomm sd680
111 Qualcomm sd695
112 Qualcomm sm7450
113 Qualcomm sm8475p
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-22096.

URL Resource
https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC

cve-2020-

Updated: 2 years, 1 month ago
5 stars 2 fork 2 watcher
Born at : Jan. 21, 2022, 5:07 a.m. This repo has been linked 2633 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-22096 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-22096 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Sep. 08, 2022

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin No Types Assigned https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin Patch, Vendor Advisory
    Added CWE NIST CWE-787
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-22096 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-22096 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.25 }} 0.06%

score

0.64196

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability