CVE-2022-33255

CVE Database · CVE-2022-33255

CVE-2022-33255

· HIGHModified

CVSS v3.1

8.2

EPSS

0.41%

Published

Jan 9, 2023

Modified

Apr 9, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Weaknesses (CWE)

CWE-125CWE-787

Affected Products (184)

qualcomm · apq8009_firmwarevulnerable

qualcomm · apq8009

qualcomm · ar8031_firmwarevulnerable

qualcomm · ar8031

qualcomm · csra6620_firmwarevulnerable

qualcomm · csra6620

qualcomm · csra6640_firmwarevulnerable

qualcomm · csra6640

qualcomm · msm8108_firmwarevulnerable

qualcomm · msm8108

qualcomm · msm8208_firmwarevulnerable

· msm8208

References (2)

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs

qualcomm · msm8209_firmwarevulnerable

qualcomm · msm8608_firmwarevulnerable

qualcomm · qca6310_firmwarevulnerable

qualcomm · qca6320_firmwarevulnerable

qualcomm · qca6335_firmwarevulnerable

qualcomm · qca6390_firmwarevulnerable

qualcomm · qca6391_firmwarevulnerable

qualcomm · qca6421_firmwarevulnerable

qualcomm · qca6426_firmwarevulnerable

qualcomm · qca6431_firmwarevulnerable

qualcomm · qca6436_firmwarevulnerable

qualcomm · qca6574_firmwarevulnerable

qualcomm · qca6574a_firmwarevulnerable

qualcomm · qca6574a

qualcomm · qca6574au_firmwarevulnerable

qualcomm · qca6574au

qualcomm · qca6595_firmwarevulnerable

qualcomm · qca6595au_firmwarevulnerable

qualcomm · qca6595au

qualcomm · qca6696_firmwarevulnerable

qualcomm · qcc5100_firmwarevulnerable

qualcomm · qcm6125_firmwarevulnerable