CVE-2022-21778

2022-11-0800:00:00

MediaTek

www.cve.org

information disclosure

vpu

local escalation

EPSS

Percentile

5.1%

JSON

In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT6771, MT6779, MT6785, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6891, MT6893, MT8168, MT8175, MT8183, MT8365, MT8385, MT8788",
    "versions": [
      {
        "version": "Android 10.0, 11.0, 12.0",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/November-2022

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-21778