Out-of-bounds write in MediaTek Mobile applications

#VU66957 Out-of-bounds write in MediaTek Mobile applications

Published: 2022-09-05

Vulnerability identifier: #VU66957

Vulnerability risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26447

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vendor: MediaTek

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in BT firmware. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

MT6580: All versions

MT6735: All versions

MT6737: All versions

MT6739: All versions

MT6750S: All versions

MT6753: All versions

MT6755S: All versions

MT6757: All versions

MT6757C: All versions

MT6757CD: All versions

MT6757CH: All versions

MT6763: All versions

MT6771: All versions

MT8163: All versions

MT8167: All versions

MT8167S: All versions

MT8173: All versions

MT8183: All versions

MT8321: All versions

MT8362A: All versions

MT8385: All versions

MT8518: All versions

MT8532: All versions

MT8765: All versions

MT8788: All versions

External links
http://corp.mediatek.com/product-security-bulletin/September-2022

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Google Android

Multiple vulnerabilities in MediaTek Chipsets