Out of Bounds Write Vulnerability in MediaTek Modem 2G RR
CVE-2022-21744
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 6 July 2022
Summary
An out of bounds write vulnerability exists in the MediaTek Modem 2G RR, caused by a missing bounds check. This flaw may allow an attacker to exploit improper neighbouring cell size when decoding GPRS Packet Neighbour Cell Data (PNCD), which can result in unauthorized remote code execution without the need for user interaction. Affected users are advised to apply the latest patches to mitigate security risks associated with this vulnerability.
Affected Version(s)
MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 Modem LR9, LR11, LR12, LR12A, LR13, NR15, NR16
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved