Vulnerabilites related to mediatek - mt7603_firmware
cve-2022-32657
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2025-04-10 18:15
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986 |
Version: 7.6.6.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.233Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32657", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-10T18:14:38.213487Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755 Improper Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-10T18:15:04.988Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32657", datePublished: "2023-01-03T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-04-10T18:15:04.988Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32655
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2025-03-26 20:04
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.130Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32655", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T20:04:24.420554Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755 Improper Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T20:04:32.709Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32655", datePublished: "2023-02-06T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-03-26T20:04:32.709Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32656
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2025-03-26 19:56
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.240Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32656", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T19:56:48.844834Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T19:56:53.312Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32656", datePublished: "2023-02-06T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-03-26T19:56:53.312Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26442
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:43", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26442", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26442", datePublished: "2022-08-01T13:59:43", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.816Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32663
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2025-03-26 14:33
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32663", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:24:05.293411Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:33:54.468Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32663", datePublished: "2023-02-06T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-03-26T14:33:54.468Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32654
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2025-03-26 20:05
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32654", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T20:05:17.578107Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T20:05:56.602Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32654", datePublished: "2023-02-06T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-03-26T20:05:56.602Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26443
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.862Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:56", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26443", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26443", datePublished: "2022-08-01T13:59:56", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26438
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.782Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:58:53", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26438", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26438", datePublished: "2022-08-01T13:58:53", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.782Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32659
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2025-04-10 18:11
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8518S, MT8532 |
Version: 7.6.6.0, and Yocto 3.1, 3.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.232Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32659", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-10T18:11:10.917514Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755 Improper Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-10T18:11:57.870Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8518S, MT8532", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0, and Yocto 3.1, 3.3", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32659", datePublished: "2023-01-03T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-04-10T18:11:57.870Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26445
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T14:00:32", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26445", datePublished: "2022-08-01T14:00:32", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26441
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.837Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:30", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26441", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26441", datePublished: "2022-08-01T13:59:30", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.837Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26444
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.852Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T14:00:15", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26444", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26444", datePublished: "2022-08-01T14:00:15", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.852Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26440
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:19", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26440", datePublished: "2022-08-01T13:59:19", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32658
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2025-04-10 18:13
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986 |
Version: 7.6.6.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.925Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32658", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-10T18:13:25.158778Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755 Improper Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-10T18:13:30.604Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32658", datePublished: "2023-01-03T00:00:00.000Z", dateReserved: "2022-06-09T00:00:00.000Z", dateUpdated: "2025-04-10T18:13:30.604Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26439
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:04", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26439", datePublished: "2022-08-01T13:59:04", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32666
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:26
Severity ?
EPSS score ?
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365 |
Version: 7.6.6.0 / IOT-v23.0 (Yocto 4.0) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-32666", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:26:43.420231Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:26:54.136Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0 / IOT-v23.0 (Yocto 4.0)", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-04T01:44:59.030Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32666", datePublished: "2023-07-04T01:44:59.030Z", dateReserved: "2022-06-09T07:04:43.361Z", dateUpdated: "2024-12-04T16:26:54.136Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2025-04-10 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705042; ID del problema: GN20220705042.", }, ], id: "CVE-2022-32657", lastModified: "2025-04-10T19:15:47.543", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-03T21:15:12.370", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2025-04-10 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705059; ID del problema: GN20220705059.", }, ], id: "CVE-2022-32658", lastModified: "2025-04-10T19:15:47.710", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-03T21:15:12.553", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2025-03-26 20:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.", }, ], id: "CVE-2022-32656", lastModified: "2025-03-26T20:15:16.300", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-06T20:15:11.157", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420037; ID de Incidencia: GN20220420037", }, ], id: "CVE-2022-26440", lastModified: "2024-11-21T06:53:57.127", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.627", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2025-04-10 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705066; ID del problema: GN20220705066.", }, ], id: "CVE-2022-32659", lastModified: "2025-04-10T19:15:47.907", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-03T21:15:12.603", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420044; ID de Incidencia: GN20220420044", }, ], id: "CVE-2022-26441", lastModified: "2024-11-21T06:53:57.250", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.670", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420075; ID de Incidencia: GN20220420075", }, ], id: "CVE-2022-26444", lastModified: "2024-11-21T06:53:57.617", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.800", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420051; ID de Incidencia: GN20220420051", }, ], id: "CVE-2022-26442", lastModified: "2024-11-21T06:53:57.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.713", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - | |
| linuxfoundation | yocto | 4.0 | |
| mediatek | mt8365_firmware | 7.6.6.0 | |
| mediatek | mt8365 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.", }, ], id: "CVE-2022-32666", lastModified: "2024-11-21T07:06:50.657", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-04T02:15:09.480", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420088; ID de Incidencia: GN20220420088", }, ], id: "CVE-2022-26445", lastModified: "2024-11-21T06:53:57.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.843", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2025-03-26 15:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "FA350781-A776-48D1-A9C3-1EB32DC152D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "44F24643-4E2F-49A1-8FE9-8B2105C87CC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C76FDEBB-51AF-4367-9669-172D4803E11E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "1B1B95AE-F68D-4E3E-BD71-460576776218", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "1E5423C5-3A3D-4496-B8D6-857C90329CEE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "4D2CC90E-F75D-40DC-894E-9AF171338FD2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "2159C96A-299E-4636-B129-2BEAC9B607DE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "DF127C7A-44E3-441A-AD95-63DE93C7E9EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "A6864912-841E-41A4-9E30-6E8CA2B6F44D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "EDEC60B1-A589-4BC4-80A8-ED1D3B2F38AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B562C9FF-8527-4D48-8DCE-A30F6E2CC10A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "8B48743A-911C-4B44-9042-A7BFA9B5C53E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "A83A21DA-8E3E-43A4-99E8-0AFC84A172BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "DC1983D4-082C-4C29-BDAA-13A5BAE02E6A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "EBCA0B42-B959-40A0-8403-4DD5C823E0B9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F2EFD461-3F8E-40F9-AE7F-9E9729C7ED83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F0E6861E-4197-42A4-A411-2A8E0085E4D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "ECAC8D2E-19F2-4559-B57A-35BFA1736AB8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F716928E-BC95-48F2-AF07-CBD5CA9E72D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "54F370BA-2715-45EC-8F15-2325EAEDAD1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "BAA0C430-BC99-4736-978E-3BD91AA049BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "733A3CF0-CF17-412E-A93D-E8E093EB334D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.", }, ], id: "CVE-2022-32663", lastModified: "2025-03-26T15:15:38.863", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-06T20:15:11.203", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2025-03-26 20:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.", }, ], id: "CVE-2022-32654", lastModified: "2025-03-26T20:15:15.900", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-06T20:15:11.057", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420020; ID de Incidencia: GN20220420020", }, ], id: "CVE-2022-26439", lastModified: "2024-11-21T06:53:56.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.583", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2025-03-26 20:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.", }, ], id: "CVE-2022-32655", lastModified: "2025-03-26T20:15:16.103", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-06T20:15:11.107", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420013; ID de Incidencia: GN20220420013", }, ], id: "CVE-2022-26438", lastModified: "2024-11-21T06:53:56.860", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.537", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt7603_firmware | 7.6.2.3 | |
| mediatek | mt7603 | - | |
| mediatek | mt7610_firmware | 7.6.2.3 | |
| mediatek | mt7610 | - | |
| mediatek | mt7612_firmware | 7.6.2.3 | |
| mediatek | mt7612 | - | |
| mediatek | mt7613_firmware | 7.6.2.3 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.2.3 | |
| mediatek | mt7615 | - | |
| mediatek | mt7620_firmware | 7.6.2.3 | |
| mediatek | mt7620 | - | |
| mediatek | mt7622_firmware | 7.6.2.3 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.2.3 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.2.3 | |
| mediatek | mt7629 | - | |
| mediatek | mt7915_firmware | 7.6.2.3 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.2.3 | |
| mediatek | mt7916 | - | |
| mediatek | mt7986_firmware | 7.6.2.3 | |
| mediatek | mt7986 | - | |
| mediatek | mt8981_firmware | 7.6.2.3 | |
| mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420068; ID de Incidencia: GN20220420068", }, ], id: "CVE-2022-26443", lastModified: "2024-11-21T06:53:57.493", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.757", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }