Out of Bounds Write Vulnerability in MediaTek Modem 2G/3G Products
CVE-2022-20083
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 6 July 2022
Summary
An out of bounds write vulnerability exists in MediaTek's Modem 2G/3G CC, originating from a missing bounds check. This issue could be exploited by an attacker to execute arbitrary code remotely while decoding combined FACILITY data. Notably, this vulnerability does not require any additional execution privileges or user interaction, making it particularly concerning for device security. Affected products should be updated promptly to mitigate potential risks associated with this vulnerability.
Affected Version(s)
MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 Modem LR9, LR11, LR12, LR12A, LR13, NR15, NR16
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved