Lucene search

[email protected]NVD:CVE-2022-26447

HistorySep 06, 2022 - 6:15 p.m.

CVE-2022-26447

2022-09-0618:15:11

CWE-787

[email protected]

web.nvd.nist.gov

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

46.7%

JSON

In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.

Affected configurations

NVD

Node

googleandroidMatch10.0

googleandroidMatch11.0

googleandroidMatch12.0

yoctoprojectyoctoMatch3.1

AND

mediatekmt6580Match-

mediatekmt6735Match-

mediatekmt6737Match-

mediatekmt6739Match-

mediatekmt6750sMatch-

mediatekmt6753Match-

mediatekmt6755sMatch-

mediatekmt6757Match-

mediatekmt6757cMatch-

mediatekmt6757cdMatch-

mediatekmt6757chMatch-

mediatekmt6763Match-

mediatekmt6771Match-

mediatekmt8163Match-

mediatekmt8167Match-

mediatekmt8167sMatch-

mediatekmt8173Match-

mediatekmt8183Match-

mediatekmt8321Match-

mediatekmt8362aMatch-

mediatekmt8385Match-

mediatekmt8518Match-

mediatekmt8532Match-

mediatekmt8765Match-

mediatekmt8788Match-

References

corp.mediatek.com/product-security-bulletin/September-2022

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

46.7%

JSON

Related for NVD:CVE-2022-26447

cve1 cvelist1 prion1