CVE-2022-32617

2022-11-0800:00:00

MediaTek

www.cve.org

typec

out of bounds write

privilege escalation

physical access

no user interaction

patch alps07262364

issue alps07262364

0.0005 Low

EPSS

Percentile

17.8%

JSON

In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT6789, MT6855, MT6895, MT6983, MT8798",
    "versions": [
      {
        "version": "Android 11.0, 12.0, 13.0",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/November-2022

0.0005 Low

EPSS

Percentile

17.8%

JSON

Related for CVELIST:CVE-2022-32617