CVE-2022-33266

MEDIUM

Published 2023-01-06T05:02:21.689Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-33266. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

5.9

/10

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14

0.001

probability

of exploitation in the wild

There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25

Exploit Probability

Percentile: 0.185

Higher than 18.5% of all CVEs

Attack Vector Metrics

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Description

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Qualcomm, Inc.

Snapdragon

Affected Versions:

APQ8009 APQ8009W APQ8017 APQ8064AU APQ8096AU AQT1000 AR8031 AR8035 CSRA6620 CSRA6640 CSRB31024 MDM9150 MDM9206 MDM9250 MDM9607 MDM9628 MDM9650 MSM8108 MSM8208 MSM8209 MSM8608 MSM8909W MSM8996AU QAM8295P QCA6174A QCA6310 QCA6320 QCA6335 QCA6390 QCA6391 QCA6420 QCA6421 QCA6426 QCA6430 QCA6431 QCA6436 QCA6564 QCA6564A QCA6564AU QCA6574 QCA6574A QCA6574AU QCA6584AU QCA6595AU QCA6696 QCA8337 QCA9367 QCA9377 QCC5100 QCN9074 QCS405 QCS410 QCS605 QCS610 QRB5165 Qualcomm215 SA415M SA515M SA6145P SA6150P SA6155 SA6155P SA8145P SA8150P SA8155 SA8155P SA8195P SA8295P SD 8 Gen1 5G SD205 SD210 SD429 SD625 SD626 SD660 SD835 SD845 SD855 SD865 5G SD870 SDA429W SDM429W SDW2500 SDX20 SDX20M SDX24 SDX55 SDX55M SDXR1 SDXR2 5G SW5100 SW5100P WCD9326 WCD9330 WCD9335 WCD9340 WCD9341 WCD9360 WCD9370 WCD9380 WCD9385 WCN3610 WCN3615 WCN3620 WCN3660B WCN3680 WCN3680B WCN3950 WCN3980 WCN3988 WCN3990 WCN3998 WCN6850 WCN6851 WCN6855 WCN6856 WCN7850 WCN7851 WSA8810 WSA8815 WSA8830 WSA8835

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-pr88-j677-532x

Advisory Details

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-33266

WEB https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

Advisory provided by GitHub Security Advisory Database. Published: January 9, 2023, Modified: January 12, 2023

References

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

Published: 2023-01-06T05:02:21.689Z

Last Modified: 2025-04-09T19:47:38.935Z

Copied to clipboard!

CVE-2022-33266

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Snapdragon

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!