Vulnerability Details : CVE-2022-3407
I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue.
Products affected by CVE-2022-3407
- cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-3407
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-3407
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
0.7
|
3.6
|
NIST | |
4.9
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H |
0.5
|
4.0
|
Lenovo Group Ltd. |
CWE ids for CVE-2022-3407
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by: psirt@lenovo.com (Primary)
References for CVE-2022-3407
-
https://en-us.support.motorola.com/app/answers/detail/a_id/175354
Improper Resource Shutdown vulnerability in some Motorola smartphones allows denial-of-service of network services, including emergency services| Motorola Support USVendor Advisory
Jump to