CVE-2022-32655

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://corp.mediatek.com/product-security-bulletin/February-2023	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-20~~	CWE-755

Information

Published : 2023-02-06 20:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-32655

Mitre link : CVE-2022-32655

CVE.ORG link : CVE-2022-32655

JSON object : View

Products Affected

mediatek

mt7933_firmware
mt7986
mt8175_firmware
mt8385_firmware
mt7629_firmware
mt7697_firmware
mt8518s
mt8788_firmware
mt7603_firmware
mt7687_firmware
mt8532
mt7628_firmware
mt7682
mt8696_firmware
mt7933
mt7603
mt7686_firmware
mt8532_firmware
mt7663
mt7916_firmware
mt8788
mt7915_firmware
mt8365
mt7981
mt7629
mt5221
mt7697
mt8696
mt7921
mt7986_firmware
mt7628
mt7663_firmware
mt7902_firmware
mt7615
mt7686
mt8362a
mt7687
mt8362a_firmware
mt7916
mt8167s_firmware
mt7915
mt8365_firmware
mt7921_firmware
mt8695
mt7615_firmware
mt8518s_firmware
mt8167s
mt8695_firmware
mt8385
mt7902
mt7981_firmware
mt8175
mt5221_firmware
mt7613
mt7668_firmware
mt7668
mt7613_firmware
mt7682_firmware
mt7622_firmware
mt7622

CWE

CWE-755

Improper Handling of Exceptional Conditions

6.7 /10