Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.
Conclusion & alert: CVE-2022-33290 is rated Moderate Risk (40.6/100): CVSS High severity, with low exploitation likelihood (EPSS 0.38%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.26% | 0.38% | +0.12% |
| 2 | 2026-01-11 | 0.36% | 0.26% | -0.10% |
| 3 | 2026-01-10 | — | 0.36% | — |
Full EPSS history (11 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 3.1 | HIGH |
|
3.9 | 3.6 | [email protected] |
| 7.5 | 3.1 | HIGH |
|
3.9 | 3.6 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | apq8017_firmware | — | cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8096au_firmware | — | cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8031_firmware | — | cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6620_firmware | — | cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6640_firmware | — | cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csrb31024_firmware | — | cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9150_firmware | — | cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9206_firmware | — | cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9250_firmware | — | cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9607_firmware | — | cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9628_firmware | — | cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9640_firmware | — | cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9650_firmware | — | cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* |
| qualcomm | msm8996au_firmware | — | cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qam8295p_firmware | — | cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6174a_firmware | — | cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6175a_firmware | — | cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564a_firmware | — | cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564au_firmware | — | cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574_firmware | — | cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574a_firmware | — | cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574au_firmware | — | cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6584_firmware | — | cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6584au_firmware | — | cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595_firmware | — | cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595au_firmware | — | cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6696_firmware | — | cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9367_firmware | — | cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9377_firmware | — | cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9074_firmware | — | cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs405_firmware | — | cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa415m_firmware | — | cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa515m_firmware | — | cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8295p_firmware | — | cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd626_firmware | — | cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx20_firmware | — | cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx20m_firmware | — | cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sdx55_firmware | — | cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9326_firmware | — | cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9335_firmware | — | cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9360_firmware | — | cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3660b_firmware | — | cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3680b_firmware | — | cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3980_firmware | — | cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3998_firmware | — | cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8815_firmware | — | cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin | Vendor Advisory |