Multiple vulnerabilities in MediaTek Chipsets



Published: 2022-09-05
Risk High
Patch available YES
Number of vulnerabilities 23
CVE-ID CVE-2022-26447
CVE-2022-26448
CVE-2022-26449
CVE-2022-26450
CVE-2022-26451
CVE-2022-26453
CVE-2022-26454
CVE-2022-26455
CVE-2022-26456
CVE-2022-26457
CVE-2022-26458
CVE-2022-26459
CVE-2022-26460
CVE-2022-26461
CVE-2022-26462
CVE-2022-26463
CVE-2022-26464
CVE-2022-26465
CVE-2022-26466
CVE-2022-26467
CVE-2022-26468
CVE-2022-26469
CVE-2022-26470
CWE-ID CWE-787
CWE-362
CWE-416
CWE-190
CWE-755
CWE-61
CWE-475
CWE-125
CWE-470
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
MT6580
Mobile applications / Mobile firmware & hardware

MT6735
Mobile applications / Mobile firmware & hardware

MT6737
Mobile applications / Mobile firmware & hardware

MT6739
Mobile applications / Mobile firmware & hardware

MT6750S
Mobile applications / Mobile firmware & hardware

MT6753
Mobile applications / Mobile firmware & hardware

MT6755S
Mobile applications / Mobile firmware & hardware

MT6757
Mobile applications / Mobile firmware & hardware

MT6757C
Mobile applications / Mobile firmware & hardware

MT6757CD
Mobile applications / Mobile firmware & hardware

MT6757CH
Mobile applications / Mobile firmware & hardware

MT6763
Mobile applications / Mobile firmware & hardware

MT6771
Mobile applications / Mobile firmware & hardware

MT8163
Mobile applications / Mobile firmware & hardware

MT8167
Mobile applications / Mobile firmware & hardware

MT8167S
Mobile applications / Mobile firmware & hardware

MT8173
Mobile applications / Mobile firmware & hardware

MT8183
Mobile applications / Mobile firmware & hardware

MT8321
Mobile applications / Mobile firmware & hardware

MT8362A
Mobile applications / Mobile firmware & hardware

MT8385
Mobile applications / Mobile firmware & hardware

MT8518
Mobile applications / Mobile firmware & hardware

MT8532
Mobile applications / Mobile firmware & hardware

MT8765
Mobile applications / Mobile firmware & hardware

MT8788
Mobile applications / Mobile firmware & hardware

MT6879
Mobile applications / Mobile firmware & hardware

MT6895
Mobile applications / Mobile firmware & hardware

MT6983
Mobile applications / Mobile firmware & hardware

MT6789
Mobile applications / Mobile firmware & hardware

MT6855
Mobile applications / Mobile firmware & hardware

MT8168
Mobile applications / Mobile firmware & hardware

MT8365
Mobile applications / Mobile firmware & hardware

MT6761
Mobile applications / Mobile firmware & hardware

MT6765
Mobile applications / Mobile firmware & hardware

MT6768
Mobile applications / Mobile firmware & hardware

MT6833
Mobile applications / Mobile firmware & hardware

MT6769
Mobile applications / Mobile firmware & hardware

MT8185
Mobile applications / Mobile firmware & hardware

MT8789
Mobile applications / Mobile firmware & hardware

MT8791
Mobile applications / Mobile firmware & hardware

MT8512A
Mobile applications / Mobile firmware & hardware

MT8798
Mobile applications / Mobile firmware & hardware

MT8519_M1V1
Mobile applications / Mobile firmware & hardware

MT8519_P1V1
Mobile applications / Mobile firmware & hardware

MT8666
Mobile applications / Mobile firmware & hardware

MT8675
Mobile applications / Mobile firmware & hardware

MT8768
Mobile applications / Mobile firmware & hardware

MT8786
Mobile applications / Mobile firmware & hardware

MT8175
Mobile applications / Mobile firmware & hardware

MT8667
Mobile applications / Mobile firmware & hardware

MT8735A
Mobile applications / Mobile firmware & hardware

MT8735B
Mobile applications / Mobile firmware & hardware

MT8766
Mobile applications / Mobile firmware & hardware

MT6853T
Hardware solutions / Firmware

MT6873
Hardware solutions / Firmware

MT6875
Hardware solutions / Firmware

MT6877
Hardware solutions / Firmware

MT6883
Hardware solutions / Firmware

MT6885
Hardware solutions / Firmware

MT6889
Hardware solutions / Firmware

MT6891
Hardware solutions / Firmware

MT6893
Hardware solutions / Firmware

MT6779
Hardware solutions / Firmware

MT6781
Hardware solutions / Firmware

MT6785
Hardware solutions / Firmware

MT6853
Hardware solutions / Firmware

MT8797
Hardware solutions / Firmware

Vendor MediaTek

Security Bulletin

This security bulletin contains information about 23 vulnerabilities.

1) Out-of-bounds write

EUVDB-ID: #VU66957

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26447

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in BT firmware. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6580: All versions

MT6735: All versions

MT6737: All versions

MT6739: All versions

MT6750S: All versions

MT6753: All versions

MT6755S: All versions

MT6757: All versions

MT6757C: All versions

MT6757CD: All versions

MT6757CH: All versions

MT6763: All versions

MT6771: All versions

MT8163: All versions

MT8167: All versions

MT8167S: All versions

MT8173: All versions

MT8183: All versions

MT8321: All versions

MT8362A: All versions

MT8385: All versions

MT8518: All versions

MT8532: All versions

MT8765: All versions

MT8788: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Out-of-bounds write

EUVDB-ID: #VU66958

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26448

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in apusys. A loal user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6853T: All versions

MT6873: All versions

MT6875: All versions

MT6877: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6891: All versions

MT6893: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Out-of-bounds write

EUVDB-ID: #VU66959

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26449

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in apusys. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6879: All versions

MT6895: All versions

MT6983: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Race condition

EUVDB-ID: #VU66960

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26450

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in apusys. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6879: All versions

MT6895: All versions

MT6983: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Use-after-free

EUVDB-ID: #VU66961

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26451

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to improper synchronization in ged. A local user can gain elevated privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6789: All versions

MT6855: All versions

MT6879: All versions

MT6895: All versions

MT6983: All versions

MT8168: All versions

MT8365: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Use-after-free

EUVDB-ID: #VU66962

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26453

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in teei. A local user can gain elevated privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6761: All versions

MT6765: All versions

MT6768: All versions

MT6771: All versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6853: All versions

MT6875: All versions

MT6877: All versions

MT6879: All versions

MT6885: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Integer overflow

EUVDB-ID: #VU66963

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26454

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in teei. A local user can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6761: All versions

MT6765: All versions

MT6768: All versions

MT6771: All versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6853: All versions

MT6875: All versions

MT6877: All versions

MT6879: All versions

MT6885: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Improper Handling of Exceptional Conditions

EUVDB-ID: #VU66964

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26455

CWE-ID: CWE-755 - Improper Handling of Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect error handling in gz. A local user can gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6789: All versions

MT6855: All versions

MT6879: All versions

MT6895: All versions

MT6983: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) UNIX symbolic link following

EUVDB-ID: #VU66965

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26456

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a symlink following issue in vow. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6769: All versions

MT6781: All versions

MT6785: All versions

MT6789: All versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6875: All versions

MT6877: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6891: All versions

MT6893: All versions

MT6983: All versions

MT8185: All versions

MT8789: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Out-of-bounds write

EUVDB-ID: #VU66966

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26457

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6769: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6855: All versions

MT6877: All versions

MT6879: All versions

MT6893: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Out-of-bounds write

EUVDB-ID: #VU66967

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26458

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6883: All versions

MT6885: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Integer overflow

EUVDB-ID: #VU66968

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26459

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to integer overflow in vow. A local user can pass specially crafted data to the application, trigger integer overflow and gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Out-of-bounds write

EUVDB-ID: #VU66969

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26460

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) undefined

EUVDB-ID: #VU66970

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26461

CWE-ID: CWE-475 - Undefined Behavior for Input to API

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to undefined behavior for input to api in vow, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Out-of-bounds read

EUVDB-ID: #VU66971

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26462

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in vow. A local user to trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Out-of-bounds read

EUVDB-ID: #VU66972

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26463

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in vow. A local user can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Out-of-bounds write

EUVDB-ID: #VU66973

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26464

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Out-of-bounds write

EUVDB-ID: #VU66974

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26465

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in audio ipi. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6853: All versions

MT6853T: All versions

MT6873: All versions

MT6875: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8512A: All versions

MT8518: All versions

MT8791: All versions

MT8797: All versions

MT8798: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Integer overflow

EUVDB-ID: #VU66975

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26466

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in audio ipi. A local user can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6853: All versions

MT6853T: All versions

MT6873: All versions

MT6875: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8512A: All versions

MT8518: All versions

MT8519_M1V1: All versions

MT8519_P1V1: All versions

MT8791: All versions

MT8797: All versions

MT8798: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Out-of-bounds write

EUVDB-ID: #VU66976

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26467

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local usuer to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in rpmb. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6580: All versions

MT6735: All versions

MT6737: All versions

MT6739: All versions

MT6753: All versions

MT6761: All versions

MT6765: All versions

MT6768: All versions

MT6771: All versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6853: All versions

MT6853T: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8168: All versions

MT8183: All versions

MT8321: All versions

MT8365: All versions

MT8385: All versions

MT8666: All versions

MT8675: All versions

MT8765: All versions

MT8768: All versions

MT8786: All versions

MT8788: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Out-of-bounds write

EUVDB-ID: #VU66977

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26468

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in preloader (usb). An attacker with physical access can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6735: All versions

MT6739: All versions

MT6761: All versions

MT6763: All versions

MT6765: All versions

MT6768: All versions

MT6771: All versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6885: All versions

MT6893: All versions

MT6895: All versions

MT6983: All versions

MT8163: All versions

MT8167: All versions

MT8167S: All versions

MT8168: All versions

MT8173: All versions

MT8175: All versions

MT8183: All versions

MT8185: All versions

MT8321: All versions

MT8362A: All versions

MT8365: All versions

MT8385: All versions

MT8666: All versions

MT8667: All versions

MT8675: All versions

MT8735A: All versions

MT8735B: All versions

MT8765: All versions

MT8766: All versions

MT8768: All versions

MT8786: All versions

MT8788: All versions

MT8789: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Unsafe reflection

EUVDB-ID: #VU66978

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26469

CWE-ID: CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to unsafe reflection in MtkEmail. A local attacker can gain elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6580: All versions

MT6735: All versions

MT6737: All versions

MT6739: All versions

MT6761: All versions

MT6765: All versions

MT6768: All versions

MT6771: All versions

MT6779: All versions

MT6781: All versions

MT6785: All versions

MT6833: All versions

MT6853: All versions

MT6855: All versions

MT6873: All versions

MT6877: All versions

MT6879: All versions

MT6883: All versions

MT6885: All versions

MT6889: All versions

MT6895: All versions

MT6983: All versions

MT8167: All versions

MT8167S: All versions

MT8168: All versions

MT8173: All versions

MT8175: All versions

MT8185: All versions

MT8321: All versions

MT8362A: All versions

MT8365: All versions

MT8385: All versions

MT8666: All versions

MT8675: All versions

MT8765: All versions

MT8766: All versions

MT8768: All versions

MT8786: All versions

MT8788: All versions

MT8789: All versions

MT8791: All versions

MT8797: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Out-of-bounds write

EUVDB-ID: #VU66979

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26470

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in aie. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MT6879: All versions

MT6895: All versions

MT6983: All versions

MT8321: All versions

MT8385: All versions

MT8765: All versions

MT8766: All versions

MT8768: All versions

MT8786: All versions

MT8788: All versions

MT8789: All versions


CPE2.3 External links

http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###