CVE-2022-33288 | Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

Published: 2023-04-13 Last update: 2026-06-17 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2022-33288 is rated Moderate Risk (42.7/100): CVSS Critical severity, with low exploitation likelihood (EPSS 0.05%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2022-33288

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-11-21 0.05% 0.05% +0.00%
2 2025-11-18 0.05% 0.05% -0.00%
3 2025-03-17 0.05%

Full EPSS history (4 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2022-33288

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.3 3.1 CRITICAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:C)
Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
2.5 6.0 [email protected]
8.8 3.1 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L)
A normal user session is enough; they don’t have to be admin.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:C)
Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
2.0 6.0 [email protected]

Weakness enumeration for CVE-2022-33288

Affected software / configurations for CVE-2022-33288

Vendor Product Version Raw CPE
qualcomm 315_5g_iot_modem_firmware cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*
qualcomm aqt1000_firmware cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
qualcomm ar8035_firmware cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3998_firmware cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
qualcomm wcn6750_firmware cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
qualcomm qca6390_firmware cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
qualcomm wcn685x-5_firmware cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*
qualcomm wcn685x-1_firmware cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*
qualcomm wcn785x-1_firmware cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*
qualcomm wcn785x-5_firmware cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*
qualcomm flight_rb5_5g_platform_firmware cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*
qualcomm qam8295p_firmware cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*
qualcomm qca6174a_firmware cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
qualcomm qca6310_firmware cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
qualcomm qca6335_firmware cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*
qualcomm qca6391_firmware cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
qualcomm qca6420_firmware cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
qualcomm qca6421_firmware cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
qualcomm qca6426_firmware cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
qualcomm qca6430_firmware cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
qualcomm qca6431_firmware cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*
qualcomm qca6436_firmware cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
qualcomm qca6564a_firmware cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
qualcomm qca6564au_firmware cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
qualcomm qca6574_firmware cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
qualcomm qca6574a_firmware cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
qualcomm qca6574au_firmware cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
qualcomm qca6595_firmware cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*
qualcomm qca6595au_firmware cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
qualcomm qca6696_firmware cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
qualcomm qca6698aq_firmware cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
qualcomm qca8081_firmware cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
qualcomm qca8337_firmware cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
qualcomm qca9377_firmware cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
qualcomm qcm6490_firmware cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
qualcomm qcn6024_firmware cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9011_firmware cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9012_firmware cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9024_firmware cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*
qualcomm qcs6490_firmware cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
qualcomm qrb5165m_firmware cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*
qualcomm qrb5165n_firmware cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*
qualcomm qsm8250_firmware cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*
qualcomm qsm8350_firmware cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*
qualcomm sda\/sdm845_firmware cpe:2.3:o:qualcomm:sda\/sdm845_firmware:-:*:*:*:*:*:*:*
qualcomm qrb5165_firmware cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*
qualcomm sa6145p_firmware cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
qualcomm sa6155_firmware cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
qualcomm sa6155p_firmware cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8150p_firmware cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8155_firmware cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*
qualcomm sa8155p_firmware cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8295p_firmware cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8540p_firmware cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*
qualcomm sa9000p_firmware cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
qualcomm sc8180x\+sdx55_firmware cpe:2.3:o:qualcomm:sc8180x\+sdx55_firmware:-:*:*:*:*:*:*:*
qualcomm sd_675_firmware cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
qualcomm sd_8_gen1_5g_firmware cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
qualcomm sd_8cx_firmware cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*
qualcomm sd_8cx_gen2_firmware cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*
qualcomm sd_8cx_gen3_firmware cpe:2.3:o:qualcomm:sd_8cx_gen3_firmware:-:*:*:*:*:*:*:*
qualcomm sd670_firmware cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*
qualcomm sd675_firmware cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
qualcomm sd778g_firmware cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
qualcomm sd855_firmware cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
qualcomm sd865_5g_firmware cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
qualcomm sd888_firmware cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*
qualcomm sdx55_firmware cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
qualcomm sdx57m_firmware cpe:2.3:o:qualcomm:sdx57m_firmware:-:*:*:*:*:*:*:*
qualcomm sm7250p_firmware cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
qualcomm sm7315_firmware cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*
qualcomm sm7325p_firmware cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*
qualcomm sdm670_firmware cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*
qualcomm sm6150_firmware cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*
qualcomm sm6150-ac_firmware cpe:2.3:o:qualcomm:sm6150-ac_firmware:-:*:*:*:*:*:*:*
qualcomm sm6350_firmware cpe:2.3:o:qualcomm:sm6350_firmware:-:*:*:*:*:*:*:*
qualcomm sm7225_firmware cpe:2.3:o:qualcomm:sm7225_firmware:-:*:*:*:*:*:*:*
qualcomm sm7250-aa_firmware cpe:2.3:o:qualcomm:sm7250-aa_firmware:-:*:*:*:*:*:*:*
qualcomm sm7250-ab_firmware cpe:2.3:o:qualcomm:sm7250-ab_firmware:-:*:*:*:*:*:*:*
qualcomm sm7250-ac_firmware cpe:2.3:o:qualcomm:sm7250-ac_firmware:-:*:*:*:*:*:*:*

References for CVE-2022-33288

cvelogic Threat Intelligence