Vulnerabilities > Qualcomm > Mdm9207 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-21626 Improper Authentication vulnerability in Qualcomm products
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
local
low complexity
qualcomm CWE-287
7.1
2023-04-13 CVE-2022-33258 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read in modem while reading configuration parameters.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-25726 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-25730 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to improper check of IP type while processing DNS server query
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-25731 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over-read while processing packets from DNS server
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-25737 Use of Uninitialized Resource vulnerability in Qualcomm products
Information disclosure in modem due to missing NULL check while reading packets received from local network
network
low complexity
qualcomm CWE-908
7.5
2023-04-13 CVE-2022-25739 NULL Pointer Dereference vulnerability in Qualcomm products
Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call
network
low complexity
qualcomm CWE-476
7.5
2023-04-13 CVE-2022-25747 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33222 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33223 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.
network
low complexity
qualcomm CWE-476
7.5