Feb 11, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- 6 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2022-25729
Memory corruption in modem due to improper length check while copying into memory
New critical Qualcomm Ar8031 Firmware Memory Corruption (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2022-33279
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
New critical Qualcomm Ar9380 Firmware Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2022-40514
Qualcomm Aqt1000 Firmware Memory Corruption
New critical Qualcomm Aqt1000 Firmware Memory Corruption (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Memory corruption in modem due to improper length check while copying into memory
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Group Arge Energy and Control Syste...
View critical disclosures
cvelogic
Threat Intelligence