CVE-2022-20030

2022-02-0922:05:35

MediaTek

www.cve.org

vow driver

buffer overflow

local privilege escalation

patch alps05837793

issue alps05837793

EPSS

Percentile

5.1%

JSON

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793.

CNA Affected

[
  {
    "product": "MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797",
    "vendor": "MediaTek, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "Android 10.0, 11.0, 12.0"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/February-2022

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-20030