Bluetooth Flooding Vulnerability in MediaTek Devices
CVE-2022-20023
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 4 January 2022
What is CVE-2022-20023?
This vulnerability involves a scenario where Bluetooth-enabled devices can be flooded with unexpected LMP_AU_rand packets, potentially causing the application to crash. With no additional execution privileges required, attackers can exploit this issue remotely, making user interaction unnecessary. This denial of service attack can compromise Bluetooth functionality, highlighting the need for timely updates and security patches to mitigate risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 Android 10.0, 11.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved