Out of Bounds Write Vulnerability in MediaTek USB Preloader
CVE-2022-20073

6.6MEDIUM

Key Information:

Vendor
MediaTek
Status
Mt2601, Mt6580, Mt6735, Mt6739, Mt6761, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6799, Mt6833, Mt6873, Mt6877, Mt6885, Mt6893, Mt8163, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8183, Mt8185, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8666, Mt8667, Mt8675, Mt8695, Mt8696, Mt8765, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8791, Mt8797
Vendor
CVE Published:
11 April 2022

Summary

An out of bounds write vulnerability exists in the USB Preloader of MediaTek devices due to an integer underflow. This flaw allows potential local privilege escalation for attackers possessing physical access to the vulnerable device. User interaction is required to exploit this vulnerability, making it crucial for users to be aware of physical access risks and implement necessary security measures.

Affected Version(s)

MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 Android 10.0, 11.0, 12.0

References

https://corp.mediatek.com/product-security-bulletin/April...
x_refsource_MISC

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.