Description
In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017.
Affected Software
{"id": "CVE-2022-20098", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2022-20098", "description": "In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017.", "published": "2022-05-03T20:15:00", "modified": "2022-05-11T14:58:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1}, "severity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 0.8, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20098", "reporter": "security@mediatek.com", "references": ["https://corp.mediatek.com/product-security-bulletin/May-2022"], "cvelist": ["CVE-2022-20098"], "immutableFields": [], "lastseen": "2022-05-11T16:45:50", "viewCount": 15, "enchantments": {"twitter": {"counter": 4, "tweets": [{"link": "https://twitter.com/www_sesin_at/status/1524658384724807681", "text": "New post from https://t.co/9KYxtdZjkl (CVE-2022-20098 (android)) has been published on https://t.co/QKw0SXRzqs", "author": "www_sesin_at", "author_photo": "https://pbs.twimg.com/profile_images/958100963822329858/fb_N8h5n_400x400.jpg"}, {"link": "https://twitter.com/WolfgangSesin/status/1524658383348981760", "text": "New post from https://t.co/uXvPWJy6tj (CVE-2022-20098 (android)) has been published on https://t.co/Wnz7cWscBk", "author": "WolfgangSesin", "author_photo": "https://pbs.twimg.com/profile_images/957011635369054208/Om3jbj7z_400x400.jpg"}]}, "vulnersScore": "PENDING"}, "_state": {"twitter": 1652345523}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:google:android:12.0", "cpe:/o:google:android:11.0"], "cpe23": ["cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*"], "cwe": ["CWE-862"], "affectedSoftware": [{"cpeName": "google:android", "version": "11.0", "operator": "eq", "name": "google android"}, {"cpeName": "google:android", "version": "12.0", "operator": "eq", "name": "google android"}], "affectedConfiguration": [{"name": "mediatek mt6785", "cpeName": "mediatek:mt6785", "version": "-", "operator": "eq"}, {"name": "mediatek mt6779", "cpeName": "mediatek:mt6779", "version": "-", "operator": "eq"}, {"name": "mediatek mt6768", "cpeName": "mediatek:mt6768", "version": "-", "operator": "eq"}, {"name": "mediatek mt6769", "cpeName": "mediatek:mt6769", "version": "-", "operator": "eq"}, {"name": "mediatek mt6761", "cpeName": "mediatek:mt6761", "version": "-", "operator": "eq"}, {"name": "mediatek mt6765", "cpeName": "mediatek:mt6765", "version": "-", "operator": "eq"}, {"name": "mediatek mt6762", "cpeName": "mediatek:mt6762", "version": "-", "operator": "eq"}, {"name": "mediatek mt6771", "cpeName": "mediatek:mt6771", "version": "-", "operator": "eq"}, {"name": "mediatek mt6739", "cpeName": "mediatek:mt6739", "version": "-", "operator": "eq"}, {"name": "mediatek mt6580", "cpeName": "mediatek:mt6580", "version": "-", "operator": "eq"}, {"name": "mediatek mt6833", "cpeName": "mediatek:mt6833", "version": "-", "operator": "eq"}, {"name": "mediatek mt6853", "cpeName": "mediatek:mt6853", "version": "-", "operator": "eq"}, {"name": "mediatek mt6853t", "cpeName": "mediatek:mt6853t", "version": "-", "operator": "eq"}, {"name": "mediatek mt6873", "cpeName": "mediatek:mt6873", "version": "-", "operator": "eq"}, {"name": "mediatek mt6875", "cpeName": "mediatek:mt6875", "version": "-", "operator": "eq"}, {"name": "mediatek mt6877", "cpeName": "mediatek:mt6877", "version": "-", "operator": "eq"}, {"name": "mediatek mt6883", "cpeName": "mediatek:mt6883", "version": "-", "operator": "eq"}, {"name": "mediatek mt6885", "cpeName": "mediatek:mt6885", "version": "-", "operator": "eq"}, {"name": "mediatek mt6889", "cpeName": "mediatek:mt6889", "version": "-", "operator": "eq"}, {"name": "mediatek mt6891", "cpeName": "mediatek:mt6891", "version": "-", "operator": "eq"}, {"name": "mediatek mt6893", "cpeName": "mediatek:mt6893", "version": "-", "operator": "eq"}, {"name": "mediatek mt8321", "cpeName": "mediatek:mt8321", "version": "-", "operator": "eq"}, {"name": "mediatek mt8765", "cpeName": "mediatek:mt8765", "version": "-", "operator": "eq"}, {"name": "mediatek mt8766", "cpeName": "mediatek:mt8766", "version": "-", "operator": "eq"}, {"name": "mediatek mt8768", "cpeName": "mediatek:mt8768", "version": "-", "operator": "eq"}, {"name": "mediatek mt8786", "cpeName": "mediatek:mt8786", "version": "-", "operator": "eq"}, {"name": "mediatek mt8788", "cpeName": "mediatek:mt8788", "version": "-", "operator": "eq"}, {"name": "mediatek mt8789", "cpeName": "mediatek:mt8789", "version": "-", "operator": "eq"}, {"name": "mediatek mt8791", "cpeName": "mediatek:mt8791", "version": "-", "operator": "eq"}, {"name": "mediatek mt8797", "cpeName": "mediatek:mt8797", "version": "-", "operator": "eq"}, {"name": "mediatek mt6781", "cpeName": "mediatek:mt6781", "version": "-", "operator": "eq"}, {"name": "mediatek mt6789", "cpeName": "mediatek:mt6789", "version": "-", "operator": "eq"}, {"name": "mediatek mt6879", "cpeName": "mediatek:mt6879", "version": "-", "operator": "eq"}, {"name": "mediatek mt6895", "cpeName": "mediatek:mt6895", "version": "-", "operator": "eq"}, {"name": "mediatek mt6983", "cpeName": "mediatek:mt6983", "version": "-", "operator": "eq"}, {"name": "mediatek mt8163", "cpeName": "mediatek:mt8163", "version": "-", "operator": "eq"}, {"name": "mediatek mt8167", "cpeName": "mediatek:mt8167", "version": "-", "operator": "eq"}, {"name": "mediatek mt8168", "cpeName": "mediatek:mt8168", "version": "-", "operator": "eq"}, {"name": "mediatek mt8173", "cpeName": "mediatek:mt8173", "version": "-", "operator": "eq"}, {"name": "mediatek mt8185", "cpeName": "mediatek:mt8185", "version": "-", "operator": "eq"}, {"name": "mediatek mt8362a", "cpeName": "mediatek:mt8362a", "version": "-", "operator": "eq"}, {"name": "mediatek mt8365", "cpeName": "mediatek:mt8365", "version": "-", "operator": "eq"}, {"name": "mediatek mt8735", "cpeName": "mediatek:mt8735", "version": "-", "operator": "eq"}, {"name": "mediatek mt8735b", "cpeName": "mediatek:mt8735b", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8735:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "extraReferences": [{"url": "https://corp.mediatek.com/product-security-bulletin/May-2022", "name": "https://corp.mediatek.com/product-security-bulletin/May-2022", "refsource": "MISC", "tags": ["Vendor Advisory"]}]}
{}
CVE-2022-20098