{"id": "CVE-2022-26443", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2022-08-01T14:15:09.757", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2022", "tags": ["Vendor Advisory"], "source": "security@mediatek.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068."}, {"lang": "es", "value": "En wifi driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: GN20220420068; ID de Incidencia: GN20220420068"}], "lastModified": "2022-08-05T03:41:01.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A802BEB-F802-47E7-9F42-5E43270B404B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97276E66-7481-477F-BB98-039EB0417568"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "576AE083-F993-4F1A-B6A1-9481E44FB358"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAA2798C-4692-46E8-BF82-FABA523B0054"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A3887B7-E905-46AE-8920-8FCAADF45656"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FE40754-3614-4C45-9DF2-B48B483124DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B0B94BA-F66C-461D-920C-1E878E6849E9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92674CFB-109A-43FC-8EBC-4FE42165332F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD444095-9C7D-406B-A61C-D7D058DB53A5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9F840F1-3C6E-4249-A259-69C20410599F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A3406DF-842F-48E5-9FA8-C3EBFB191876"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5517F263-2589-47B7-8958-6B71E236A39D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@mediatek.com"}