Lucene search

[email protected]CVE-2022-32663

HistoryFeb 06, 2023 - 8:15 p.m.

CVE-2022-32663

2023-02-0620:15:11

CWE-476

[email protected]

web.nvd.nist.gov

wi-fi

driver

system crash

cve

2022

32663

null pointer

remote denial of service

nvd

gn20220720014

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

51.8%

JSON

In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.

Affected configurations

NVD

Node

mediatekmt5221_firmwareMatch7.6.6.1

AND

mediatekmt5221Match-

Node

mediatekmt7603_firmwareMatch7.6.6.1

AND

mediatekmt7603Match-

Node

mediatekmt7613_firmwareMatch7.6.6.1

AND

mediatekmt7613Match-

Node

mediatekmt7615_firmwareMatch7.6.6.1

AND

mediatekmt7615Match-

Node

mediatekmt7622_firmwareMatch7.6.6.1

AND

mediatekmt7622Match-

Node

mediatekmt7628_firmwareMatch7.6.6.1

AND

mediatekmt7628Match-

Node

mediatekmt7629_firmwareMatch7.6.6.1

AND

mediatekmt7629Match-

Node

mediatekmt7668_firmwareMatch7.6.6.1

AND

mediatekmt7668Match-

Node

mediatekmt7902_firmwareMatch7.6.6.1

AND

mediatekmt7902Match-

Node

mediatekmt7915_firmwareMatch7.6.6.1

AND

mediatekmt7915Match-

Node

mediatekmt7916_firmwareMatch7.6.6.1

AND

mediatekmt7916Match-

Node

mediatekmt7921_firmwareMatch7.6.6.1

AND

mediatekmt7921Match-

Node

mediatekmt7981_firmwareMatch7.6.6.1

AND

mediatekmt7981Match-

Node

mediatekmt7986_firmwareMatch7.6.6.1

AND

mediatekmt7986Match-

Node

mediatekmt8167s_firmwareMatch7.6.6.1

AND

mediatekmt8167sMatch-

Node

mediatekmt8175_firmwareMatch7.6.6.1

AND

mediatekmt8175Match-

Node

mediatekmt8362a_firmwareMatch7.6.6.1

AND

mediatekmt8362aMatch-

Node

mediatekmt8365_firmwareMatch7.6.6.1

AND

mediatekmt8365Match-

Node

mediatekmt8385_firmwareMatch7.6.6.1

AND

mediatekmt8385Match-

Node

mediatekmt8518s_firmwareMatch7.6.6.1

AND

mediatekmt8518sMatch-

Node

mediatekmt8532_firmwareMatch7.6.6.1

AND

mediatekmt8532Match-

Node

mediatekmt8788_firmwareMatch7.6.6.1

AND

mediatekmt8788Match-

CPENameOperatorVersion
mediatek:mt5221_firmwaremediatek mt5221 firmwareeq7.6.6.1

CPE	Name	Operator	Version
mediatek:mt5221_firmware	mediatek mt5221 firmware	eq	7.6.6.1

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788",
    "versions": [
      {
        "version": "7.6.6.1",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/February-2023

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for CVE-2022-32663

prion1 nvd1 cvelist1