Local Escalation of Privilege in Ion by MediaTek
CVE-2022-20109
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 3 May 2022
What is CVE-2022-20109?
The vulnerability in MediaTek's Ion arises from a possible use after free due to improper management of reference counts. This flaw can enable local escalation of privilege without requiring additional execution permissions, and it is exploitative without any action needed from users, making it a significant security concern. Affected versions require immediate attention to mitigate risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 Android 9.0, 10.0, 11.0, 12.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved