Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Conclusion & alert: CVE-2022-33268 is rated Moderate Risk (45.4/100): CVSS High severity, with low exploitation likelihood (EPSS 0.45%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.32% | 0.45% | +0.13% |
| 2 | 2026-01-29 | 0.21% | 0.32% | +0.11% |
| 3 | 2026-01-09 | — | 0.21% | — |
Full EPSS history (9 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 8.2 | 3.1 | HIGH |
|
3.9 | 4.2 | [email protected] |
| 8.1 | 3.1 | HIGH |
|
2.8 | 5.2 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | apq8009_firmware | — | cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8017_firmware | — | cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8031_firmware | — | cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6620_firmware | — | cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6640_firmware | — | cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9206_firmware | — | cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9250_firmware | — | cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9607_firmware | — | cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9628_firmware | — | cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6174a_firmware | — | cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6310_firmware | — | cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6320_firmware | — | cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6335_firmware | — | cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6390_firmware | — | cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6391_firmware | — | cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6426_firmware | — | cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6436_firmware | — | cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564a_firmware | — | cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564au_firmware | — | cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574_firmware | — | cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574a_firmware | — | cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574au_firmware | — | cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6584au_firmware | — | cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595au_firmware | — | cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6696_firmware | — | cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8337_firmware | — | cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9367_firmware | — | cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9377_firmware | — | cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcc5100_firmware | — | cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9011_firmware | — | cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9012_firmware | — | cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9074_firmware | — | cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs405_firmware | — | cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs410_firmware | — | cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs605_firmware | — | cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs610_firmware | — | cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qrb5165_firmware | — | cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qrb5165m_firmware | — | cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qrb5165n_firmware | — | cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qualcomm215_firmware | — | cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6145p_firmware | — | cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6150p_firmware | — | cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6155_firmware | — | cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa6155p_firmware | — | cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8145p_firmware | — | cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8150p_firmware | — | cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8155_firmware | — | cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8155p_firmware | — | cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8195p_firmware | — | cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd_8_gen1_5g_firmware | — | cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd205_firmware | — | cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd210_firmware | — | cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd429_firmware | — | cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd660_firmware | — | cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd835_firmware | — | cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd845_firmware | — | cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd865_5g_firmware | — | cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd870_firmware | — | cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdm429w_firmware | — | cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx24_firmware | — | cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx55_firmware | — | cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx55m_firmware | — | cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdxr1_firmware | — | cpe:2.3:o:qualcomm:sdxr1_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdxr2_5g_firmware | — | cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sw5100_firmware | — | cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sw5100p_firmware | — | cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9326_firmware | — | cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9330_firmware | — | cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9335_firmware | — | cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9340_firmware | — | cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9341_firmware | — | cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9370_firmware | — | cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9380_firmware | — | cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9385_firmware | — | cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3610_firmware | — | cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3615_firmware | — | cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3620_firmware | — | cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3660b_firmware | — | cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3680_firmware | — | cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3680b_firmware | — | cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin | Patch Vendor Advisory |