CVE-2022-33242 — Improper Authentication in INC Snapdragon

Severity

7.8HIGHNVD

EPSS

0.1%

top 71.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 10

Description

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶CVEListV5qualcomm_inc/snapdragon157 versions+156

GHSA

GHSA-5775-77jw-fpqx: Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD↗2023-03-10

▶

Android

CVE-2022-33242: Closed-source component↗2023-03-01

▶