CVE-2022-32654

2023-02-0600:00:00

MediaTek

www.cve.org

wi-fi

vulnerability

privilege escalation

local

system execution

error handling

patch id

issue id

0.0004 Low

EPSS

Percentile

5.1%

JSON

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
    "versions": [
      {
        "version": "7.6.6.0",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/February-2023

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-32654