{"containers": {"cna": {"affected": [{"product": "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", "vendor": "MediaTek, Inc.", "versions": [{"status": "affected", "version": "7.6.2.3"}]}], "descriptions": [{"lang": "en", "value": "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013."}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-01T13:58:53", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://corp.mediatek.com/product-security-bulletin/August-2022"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mediatek.com", "ID": "CVE-2022-26438", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", "version": {"version_data": [{"version_value": "7.6.2.3"}]}}]}, "vendor_name": "MediaTek, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "https://corp.mediatek.com/product-security-bulletin/August-2022", "refsource": "MISC", "url": "https://corp.mediatek.com/product-security-bulletin/August-2022"}]}}}}, "cveMetadata": {"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2022-26438", "datePublished": "2022-08-01T13:58:53", "dateReserved": "2022-03-04T00:00:00", "dateUpdated": "2022-08-01T13:58:53", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0A802BEB-F802-47E7-9F42-5E43270B404B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "97276E66-7481-477F-BB98-039EB0417568", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", "matchCriteriaId": "576AE083-F993-4F1A-B6A1-9481E44FB358", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "CAA2798C-4692-46E8-BF82-FABA523B0054", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "5A3887B7-E905-46AE-8920-8FCAADF45656", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", "matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "5FE40754-3614-4C45-9DF2-B48B483124DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B0B94BA-F66C-461D-920C-1E878E6849E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "92674CFB-109A-43FC-8EBC-4FE42165332F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", "matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", "matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", "matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "CD444095-9C7D-406B-A61C-D7D058DB53A5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C9F840F1-3C6E-4249-A259-69C20410599F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0A3406DF-842F-48E5-9FA8-C3EBFB191876", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", "matchCriteriaId": "5517F263-2589-47B7-8958-6B71E236A39D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013."}, {"lang": "es", "value": "En wifi driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: GN20220420013; ID de Incidencia: GN20220420013"}], "id": "CVE-2022-26438", "lastModified": "2022-08-05T03:44:38.600", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-01T14:15:09.537", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/August-2022"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}