Lucene search

[email protected]NVD:CVE-2022-20097

HistoryMay 03, 2022 - 8:15 p.m.

CVE-2022-20097

2022-05-0320:15:08

CWE-362

[email protected]

web.nvd.nist.gov

aee daemon

vulnerability

information disclosure

race condition

local

no user interaction

patch id

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944.

Affected configurations

Nvd

Node

googleandroidMatch11.0

googleandroidMatch12.0

AND

mediatekmt6580Match-

mediatekmt6739Match-

mediatekmt6761Match-

mediatekmt6762Match-

mediatekmt6765Match-

mediatekmt6768Match-

mediatekmt6769Match-

mediatekmt6771Match-

mediatekmt6779Match-

mediatekmt6781Match-

mediatekmt6785Match-

mediatekmt6789Match-

mediatekmt6833Match-

mediatekmt6853Match-

mediatekmt6853tMatch-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6877Match-

mediatekmt6879Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6889Match-

mediatekmt6891Match-

mediatekmt6893Match-

mediatekmt6895Match-

mediatekmt6983Match-

mediatekmt8163Match-

mediatekmt8167Match-

mediatekmt8168Match-

mediatekmt8173Match-

mediatekmt8185Match-

mediatekmt8321Match-

mediatekmt8362aMatch-

mediatekmt8365Match-

mediatekmt8735Match-

mediatekmt8735bMatch-

mediatekmt8765Match-

mediatekmt8766Match-

mediatekmt8768Match-

mediatekmt8786Match-

mediatekmt8788Match-

mediatekmt8789Match-

mediatekmt8791Match-

mediatekmt8797Match-

VendorProductVersionCPE
googleandroid11.0cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
googleandroid12.0cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
mediatekmt6580-cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*
mediatekmt6739-cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
mediatekmt6761-cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
mediatekmt6762-cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
mediatekmt6765-cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
mediatekmt6768-cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
mediatekmt6769-cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
mediatekmt6771-cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	11.0	cpe:2.3:o:google:android:11.0:::::::*
google	android	12.0	cpe:2.3:o:google:android:12.0:::::::*
mediatek	mt6580	-	cpe:2.3:h:mediatek:mt6580:-:::::::*
mediatek	mt6739	-	cpe:2.3:h:mediatek:mt6739:-:::::::*
mediatek	mt6761	-	cpe:2.3:h:mediatek:mt6761:-:::::::*
mediatek	mt6762	-	cpe:2.3:h:mediatek:mt6762:-:::::::*
mediatek	mt6765	-	cpe:2.3:h:mediatek:mt6765:-:::::::*
mediatek	mt6768	-	cpe:2.3:h:mediatek:mt6768:-:::::::*
mediatek	mt6769	-	cpe:2.3:h:mediatek:mt6769:-:::::::*
mediatek	mt6771	-	cpe:2.3:h:mediatek:mt6771:-:::::::*

Rows per page:

1-10 of 461

References

corp.mediatek.com/product-security-bulletin/May-2022

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-20097

prion1 cve1 cvelist1