Multiple vulnerabilities in MediaTek chipsets
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Deserialization of Untrusted Data
EUVDB-ID: #VU67838
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26471
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to insecure input validation when processing serialized data within the telephony service. A local application can pass a specially crafted data to the affected service and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsMT6580: All versions
MT6739: All versions
MT6761: All versions
MT6765: All versions
MT6768: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT8321: All versions
MT8385: All versions
MT8666: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Deserialization of Untrusted Data
EUVDB-ID: #VU67839
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26472
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versionsMT6739: All versions
MT6761: All versions
MT6762: All versions
MT6763: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6771: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT8321: All versions
MT8385: All versions
MT8666: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU67840
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26452
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper locking within the isp component. A local application with System execution permissions can execute arbitrary code.
Install updates from vendor's website.
Vulnerable software versionsMT6879: All versions
MT6895: All versions
MT6983: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU67841
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26473
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper locking within the vdec fmt component. A local application with System execution permissions can execute arbitrary code. MitigationInstall updates from vendor's website.
Vulnerable software versionsMT6789: All versions
MT6855: All versions
MT6879: All versions
MT6895: All versions
MT6983: All versions
MT8168: All versions
MT8365: All versions
MT8695: All versions
MT8696: All versions
MT8798: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU67842
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26474
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in sensorhub. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsMT6789: All versions
MT6855: All versions
MT6879: All versions
MT6895: All versions
MT6983: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU67843
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26475
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versionsMT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6853: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6895: All versions
MT6983: All versions
MT7663: All versions
MT7902: All versions
MT7921: All versions
MT8167S: All versions
MT8175: All versions
MT8183: All versions
MT8185: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8512A: All versions
MT8518: All versions
MT8532: All versions
MT8667: All versions
MT8695: All versions
MT8696: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Resource Shutdown or Release
EUVDB-ID: #VU67844
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32589
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource shutdown or release in Wi-Fi driver. A remote attacker can send specially crafted traffic to the affected device and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsMT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT7663: All versions
MT7668: All versions
MT7902: All versions
MT7921: All versions
MT8167S: All versions
MT8175: All versions
MT8183: All versions
MT8185: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8512A: All versions
MT8518: All versions
MT8532: All versions
MT8667: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Use-after-free
EUVDB-ID: #VU67845
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32590
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the WLAN component. A local application can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsMT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT7663: All versions
MT7668: All versions
MT7902: All versions
MT7921: All versions
MT8167S: All versions
MT8175: All versions
MT8183: All versions
MT8185: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8512A: All versions
MT8518: All versions
MT8532: All versions
MT8667: All versions
MT8695: All versions
MT8696: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Buffer overflow
EUVDB-ID: #VU67846
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32591
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the ril component. A remote attacker can send specially crafted traffic to the device, trigger memory corruption and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsMT6580: All versions
MT6739: All versions
MT6753: All versions
MT6757: All versions
MT6761: All versions
MT6762: All versions
MT6763: All versions
MT6765: All versions
MT6768: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6885: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT8321: All versions
MT8385: All versions
MT8666: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU67847
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32592
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper input validation within cpu dvfs. A local application can execute arbitrary code with elevated privileges. MitigationInstall updates from vendor's website.
Vulnerable software versionsMT6855: All versions
MT6879: All versions
MT6895: All versions
MT6983: All versions
MT8185: All versions
MT8321: All versions
MT8385: All versions
MT8518: All versions
MT8666: All versions
MT8675: All versions
MT8765: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds write
EUVDB-ID: #VU67848
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32593
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the vowe component. A local application can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsMT6983: All versions
External linkshttp://corp.mediatek.com/product-security-bulletin/October-2022
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
