CVE-2022-20047

7.8HIGH

Key Information:

Summary

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489.

Affected Version(s)

MT5816, MT5835, MT6885, MT6893, MT9900, MT9901, MT9950, MT9969, MT9970, MT9980 Android 10.0, 11.0, 12.0

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.