{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-26475", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "dateUpdated": "2022-10-07T00:00:00", "dateReserved": "2022-03-04T00:00:00", "datePublished": "2022-10-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6853, MT6855, MT6873, MT6875, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT7663, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789", "versions": [{"version": "Android 11.0, 12.0 and Yocto 3.1, 3.3", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", "matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", "matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", "matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*", "matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8512a:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABD3F702-DE9F-4481-8098-02A7B83F9868", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", "matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743."}, {"lang": "es", "value": "En wlan, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07310743; ID de incidencia: ALPS07310743"}], "id": "CVE-2022-26475", "lastModified": "2023-12-22T20:54:25.650", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-07T20:15:11.237", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/October-2022"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}