Out of Bounds Write Vulnerability in MediaTek Preloader USB
CVE-2022-26468

6.6MEDIUM

Key Information:

Vendor: MediaTek
Status: Mt6735, Mt6739, Mt6761, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6885, Mt6893, Mt6895, Mt6983, Mt8163, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8183, Mt8185, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8666, Mt8667, Mt8675, Mt8735a, Mt8735b, Mt8765, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8797
Vendor: CVE Published:; 6 September 2022

Summary

The MediaTek Preloader USB is susceptible to an out of bounds write vulnerability due to a missing bounds check. This issue could permit a local attacker, with physical access to the device, to escalate privileges without needing additional execution permissions. Exploitation of this vulnerability requires user interaction, making it crucial for individuals and organizations using MediaTek products to be aware and apply necessary patches.

Affected Version(s)

MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 Android 11.0, 12.0

References

https://corp.mediatek.com/product-security-bulletin/Septe...

x_refsource_MISC

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 6, 2022
Vulnerability Reserved
Mar 4, 2022