Lucene search

[email protected]NVD:CVE-2022-20104

HistoryMay 03, 2022 - 9:15 p.m.

CVE-2022-20104

2022-05-0321:15:09

[email protected]

web.nvd.nist.gov

information disclosure

aee daemon

improper access control

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

In aee daemon, there is a possible information disclosure due to improper access control. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06284104.

Affected configurations

Nvd

Node

mediatekmt6580Match-

mediatekmt6739Match-

mediatekmt6761Match-

mediatekmt6762Match-

mediatekmt6765Match-

mediatekmt6768Match-

mediatekmt6769Match-

mediatekmt6771Match-

mediatekmt6779Match-

mediatekmt6781Match-

mediatekmt6785Match-

mediatekmt6789Match-

mediatekmt6833Match-

mediatekmt6853Match-

mediatekmt6853tMatch-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6877Match-

mediatekmt6879Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6889Match-

mediatekmt6891Match-

mediatekmt6893Match-

mediatekmt6895Match-

mediatekmt6983Match-

mediatekmt8163Match-

mediatekmt8167Match-

mediatekmt8168Match-

mediatekmt8173Match-

mediatekmt8185Match-

mediatekmt8321Match-

mediatekmt8362aMatch-

mediatekmt8365Match-

mediatekmt8735Match-

mediatekmt8735bMatch-

mediatekmt8765Match-

mediatekmt8766Match-

mediatekmt8768Match-

mediatekmt8786Match-

mediatekmt8788Match-

mediatekmt8789Match-

mediatekmt8791Match-

mediatekmt8797Match-

AND

googleandroidMatch11.0

googleandroidMatch12.0

VendorProductVersionCPE
mediatekmt6580-cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*
mediatekmt6739-cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
mediatekmt6761-cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
mediatekmt6762-cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
mediatekmt6765-cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
mediatekmt6768-cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
mediatekmt6769-cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
mediatekmt6771-cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
mediatekmt6779-cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
mediatekmt6781-cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	mt6580	-	cpe:2.3:h:mediatek:mt6580:-:::::::*
mediatek	mt6739	-	cpe:2.3:h:mediatek:mt6739:-:::::::*
mediatek	mt6761	-	cpe:2.3:h:mediatek:mt6761:-:::::::*
mediatek	mt6762	-	cpe:2.3:h:mediatek:mt6762:-:::::::*
mediatek	mt6765	-	cpe:2.3:h:mediatek:mt6765:-:::::::*
mediatek	mt6768	-	cpe:2.3:h:mediatek:mt6768:-:::::::*
mediatek	mt6769	-	cpe:2.3:h:mediatek:mt6769:-:::::::*
mediatek	mt6771	-	cpe:2.3:h:mediatek:mt6771:-:::::::*
mediatek	mt6779	-	cpe:2.3:h:mediatek:mt6779:-:::::::*
mediatek	mt6781	-	cpe:2.3:h:mediatek:mt6781:-:::::::*

Rows per page:

1-10 of 461

References

corp.mediatek.com/product-security-bulletin/May-2022

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-20104

prion1 cvelist1 cve1