CVE-2022-20210

Name of the Vulnerable Software and Affected Versions Android SoC versions (affected versions not specified)

Description The issue is related to a bug in the parsing code of NAS messages, which could be exploited by an attacker to remotely crash the modem, potentially leading to denial of service (DoS) or remote code execution (RCE). The vulnerability is associated with a buffer overflow in the memory of Unisoc microprogrammed software for 2/3/4/5G devices. An attacker could exploit this by sending specially crafted malicious packets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.