Multiple MediaTek Chip CCCI Input Validation Error Vulnerability

2022-07-0800:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.0004 Low

EPSS

Percentile

5.1%

JSON

MediaTek Inc. is the world’s fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them marketed around the world each year. A number of MediaTek chips have input validation error vulnerabilities in the CCCI. The vulnerability stems from the lack of boundary checks in the CCCI, which could be exploited by attackers to elevate privileges without the need for user interaction.

CPENameOperatorVersion
MediaTek MT6580 Androideq10.0
MediaTek MT6580 Androideq11.0
MediaTek MT6580 Androideq12.0
MediaTek MT6737 Androideq10.0
MediaTek MT6737 Androideq11.0
MediaTek MT6737 Androideq12.0
MediaTek MT6739 Androideq10.0
MediaTek MT6739 Androideq11.0
MediaTek MT6739 Androideq12.0
MediaTek MT6761 Androideq10.0

Name	Operator	Version
MediaTek MT6580 Android	eq	10.0
MediaTek MT6580 Android	eq	11.0
MediaTek MT6580 Android	eq	12.0
MediaTek MT6737 Android	eq	10.0
MediaTek MT6737 Android	eq	11.0
MediaTek MT6737 Android	eq	12.0
MediaTek MT6739 Android	eq	10.0
MediaTek MT6739 Android	eq	11.0
MediaTek MT6739 Android	eq	12.0
MediaTek MT6761 Android	eq	10.0

Rows per page:

1-10 of 1051

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CNVD-2022-66248