Vulnerabilites related to mediatek - mt7615_firmware
cve-2021-37571
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.288Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:10:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37571", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37571", datePublished: "2021-12-25T23:23:55", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.288Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37560
Vulnerability from cvelistv5
Published
2021-12-25 23:26
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:31:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37560", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37560", datePublished: "2021-12-25T23:26:02", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.295Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37564
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.165Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:16:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37564", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37564", datePublished: "2021-12-25T23:23:26", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.165Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26438
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.782Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:58:53", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26438", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26438", datePublished: "2022-08-01T13:58:53", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.782Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26439
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:04", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26439", datePublished: "2022-08-01T13:59:04", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26445
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T14:00:32", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26445", datePublished: "2022-08-01T14:00:32", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32666
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:26
Severity ?
EPSS score ?
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365 |
Version: 7.6.6.0 / IOT-v23.0 (Yocto 4.0) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-32666", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:26:43.420231Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:26:54.136Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0 / IOT-v23.0 (Yocto 4.0)", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-04T01:44:59.030Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32666", datePublished: "2023-07-04T01:44:59.030Z", dateReserved: "2022-06-09T07:04:43.361Z", dateUpdated: "2024-12-04T16:26:54.136Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26443
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.862Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:56", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26443", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26443", datePublished: "2022-08-01T13:59:56", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37584
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.320Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:36:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37584", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37584", datePublished: "2021-12-25T23:25:39", dateReserved: "2021-07-27T00:00:00", dateUpdated: "2024-08-04T01:23:01.320Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41788
Vulnerability from cvelistv5
Published
2021-12-25 23:18
Modified
2024-08-04 03:15
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:15:29.306Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:H/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:25:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-41788", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:H/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", refsource: "MISC", url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-41788", datePublished: "2021-12-25T23:18:30", dateReserved: "2021-09-29T00:00:00", dateUpdated: "2024-08-04T03:15:29.306Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32656
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.240Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32656", datePublished: "2023-02-06T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:45.240Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37583
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:08:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37583", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37583", datePublished: "2021-12-25T23:24:05", dateReserved: "2021-07-27T00:00:00", dateUpdated: "2024-08-04T01:23:01.295Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32655
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.130Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32655", datePublished: "2023-02-06T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:45.130Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32654
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32654", datePublished: "2023-02-06T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:44.958Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37565
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.285Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:15:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37565", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37565", datePublished: "2021-12-25T23:23:36", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.285Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37566
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.194Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:04:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37566", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37566", datePublished: "2021-12-25T23:24:32", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.194Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41789
Vulnerability from cvelistv5
Published
2022-01-04 15:54
Modified
2024-08-04 03:15
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:15:29.254Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-04T15:54:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-41789", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-41789", datePublished: "2022-01-04T15:54:41", dateReserved: "2021-09-29T00:00:00", dateUpdated: "2024-08-04T03:15:29.254Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26440
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:19", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26440", datePublished: "2022-08-01T13:59:19", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37567
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.324Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:13:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37567", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37567", datePublished: "2021-12-25T23:23:45", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.324Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37562
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.387Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:57:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37562", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37562", datePublished: "2021-12-25T23:24:41", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.387Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37563
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.161Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:38:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37563", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37563", datePublished: "2021-12-25T23:25:29", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.161Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32467
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:17:29.548Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:44:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-32467", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-32467", datePublished: "2021-12-25T23:25:19", dateReserved: "2021-05-07T00:00:00", dateUpdated: "2024-08-03T23:17:29.548Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32658
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986 |
Version: 7.6.6.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.925Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32658", datePublished: "2023-01-03T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:44.925Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35055
Vulnerability from cvelistv5
Published
2021-12-25 23:26
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:50.868Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:28:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-35055", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-35055", datePublished: "2021-12-25T23:26:13", dateReserved: "2021-06-21T00:00:00", dateUpdated: "2024-08-04T00:33:50.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26441
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.837Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:30", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26441", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26441", datePublished: "2022-08-01T13:59:30", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.837Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26444
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.852Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T14:00:15", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26444", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26444", datePublished: "2022-08-01T14:00:15", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.852Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37561
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.231Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:34:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37561", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37561", datePublished: "2021-12-25T23:25:53", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.231Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32468
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:17:29.572Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:46:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-32468", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-32468", datePublished: "2021-12-25T23:25:09", dateReserved: "2021-05-07T00:00:00", dateUpdated: "2024-08-03T23:17:29.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32469
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:17:29.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T21:52:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-32469", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-32469", datePublished: "2021-12-25T23:24:52", dateReserved: "2021-05-07T00:00:00", dateUpdated: "2024-08-03T23:17:29.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37569
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.346Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:06:21", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37569", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37569", datePublished: "2021-12-25T23:24:23", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.346Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32663
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:44.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-06T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32663", datePublished: "2023-02-06T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:44.927Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37570
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.294Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:18:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37570", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37570", datePublished: "2021-12-25T23:23:12", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32657
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986 |
Version: 7.6.6.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.233Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32657", datePublished: "2023-01-03T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:45.233Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37572
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.328Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:20:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37572", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37572", datePublished: "2021-12-25T23:23:02", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.328Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37568
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.219Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-05T22:29:52", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37568", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", refsource: "MISC", url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { name: "https://corp.mediatek.com/product-security-bulletin/January-2022", refsource: "CONFIRM", url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37568", datePublished: "2021-12-25T23:24:14", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32659
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8518S, MT8532 |
Version: 7.6.6.0, and Yocto 3.1, 3.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:45.232Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8518S, MT8532", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.6.0, and Yocto 3.1, 3.3", }, ], }, ], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-03T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-32659", datePublished: "2023-01-03T00:00:00", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T07:46:45.232Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26442
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981 |
Version: 7.6.2.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "7.6.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-01T13:59:43", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-26442", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981", version: { version_data: [ { version_value: "7.6.2.3", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/August-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26442", datePublished: "2022-08-01T13:59:43", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.816Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420037; ID de Incidencia: GN20220420037", }, ], id: "CVE-2022-26440", lastModified: "2024-11-21T06:53:57.127", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.627", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:26
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR hasta 13-12-20213 y otros dispositivos, manejan inapropiadamente los intentos de inundación de autenticación Wi-Fi. (Chipsets afectados MT7603E, MT7612, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0).", }, ], id: "CVE-2021-41788", lastModified: "2024-11-21T06:26:45.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:10.043", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420075; ID de Incidencia: GN20220420075", }, ], id: "CVE-2022-26444", lastModified: "2024-11-21T06:53:57.617", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.800", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).", }, ], id: "CVE-2021-37571", lastModified: "2024-11-21T06:15:26.910", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.840", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7610_firmware | 2.0.2 | |
mediatek | mt7610 | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 2.0.2 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A8F854F-2BB7-4997-8611-49680E5E3847", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "D7A96E7F-BDCF-41DF-8671-63B8C215616C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).", }, ], id: "CVE-2021-37566", lastModified: "2024-11-21T06:15:25.943", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.587", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).", }, ], id: "CVE-2021-37583", lastModified: "2024-11-21T06:15:28.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.940", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y en otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).", }, ], id: "CVE-2021-37562", lastModified: "2024-11-21T06:15:25.240", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.377", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).", }, ], id: "CVE-2021-37569", lastModified: "2024-11-21T06:15:26.583", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.737", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420013; ID de Incidencia: GN20220420013", }, ], id: "CVE-2022-26438", lastModified: "2024-11-21T06:53:56.860", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.537", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).", }, ], id: "CVE-2021-37567", lastModified: "2024-11-21T06:15:26.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.637", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
linuxfoundation | yocto | 4.0 | |
mediatek | mt7603_firmware | 7.6.6.0 | |
mediatek | mt7603 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7613_firmware | 7.6.6.0 | |
mediatek | mt7613 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7615_firmware | 7.6.6.0 | |
mediatek | mt7615 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7622_firmware | 7.6.6.0 | |
mediatek | mt7622 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7628_firmware | 7.6.6.0 | |
mediatek | mt7628 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7629_firmware | 7.6.6.0 | |
mediatek | mt7629 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7915_firmware | 7.6.6.0 | |
mediatek | mt7915 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7916_firmware | 7.6.6.0 | |
mediatek | mt7916 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7981_firmware | 7.6.6.0 | |
mediatek | mt7981 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt7986_firmware | 7.6.6.0 | |
mediatek | mt7986 | - | |
linuxfoundation | yocto | 4.0 | |
mediatek | mt8365_firmware | 7.6.6.0 | |
mediatek | mt8365 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.", }, ], id: "CVE-2022-32666", lastModified: "2024-11-21T07:06:50.657", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-04T02:15:09.480", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).", }, ], id: "CVE-2021-37568", lastModified: "2024-11-21T06:15:26.400", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.687", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.", }, ], id: "CVE-2022-32654", lastModified: "2024-11-21T07:06:49.327", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-06T20:15:11.057", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "FA350781-A776-48D1-A9C3-1EB32DC152D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "44F24643-4E2F-49A1-8FE9-8B2105C87CC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C76FDEBB-51AF-4367-9669-172D4803E11E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "1B1B95AE-F68D-4E3E-BD71-460576776218", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "1E5423C5-3A3D-4496-B8D6-857C90329CEE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "4D2CC90E-F75D-40DC-894E-9AF171338FD2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "2159C96A-299E-4636-B129-2BEAC9B607DE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "DF127C7A-44E3-441A-AD95-63DE93C7E9EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "A6864912-841E-41A4-9E30-6E8CA2B6F44D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "EDEC60B1-A589-4BC4-80A8-ED1D3B2F38AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B562C9FF-8527-4D48-8DCE-A30F6E2CC10A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "8B48743A-911C-4B44-9042-A7BFA9B5C53E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "A83A21DA-8E3E-43A4-99E8-0AFC84A172BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "DC1983D4-082C-4C29-BDAA-13A5BAE02E6A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "EBCA0B42-B959-40A0-8403-4DD5C823E0B9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F2EFD461-3F8E-40F9-AE7F-9E9729C7ED83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F0E6861E-4197-42A4-A411-2A8E0085E4D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "ECAC8D2E-19F2-4559-B57A-35BFA1736AB8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F716928E-BC95-48F2-AF07-CBD5CA9E72D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "54F370BA-2715-45EC-8F15-2325EAEDAD1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "BAA0C430-BC99-4736-978E-3BD91AA049BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "733A3CF0-CF17-412E-A93D-E8E093EB334D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.", }, ], id: "CVE-2022-32663", lastModified: "2024-11-21T07:06:50.210", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-06T20:15:11.203", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).", }, ], id: "CVE-2021-37563", lastModified: "2024-11-21T06:15:25.437", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.430", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.6.0 | |
mediatek | mt7603 | - | |
mediatek | mt7613_firmware | 7.6.6.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.6.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.6.6.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.6.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.6.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.6.0 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.6.0 | |
mediatek | mt7916 | - | |
mediatek | mt7981_firmware | 7.6.6.0 | |
mediatek | mt7981 | - | |
mediatek | mt7986_firmware | 7.6.6.0 | |
mediatek | mt7986 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705059; ID del problema: GN20220705059.", }, ], id: "CVE-2022-32658", lastModified: "2024-11-21T07:06:49.923", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-03T21:15:12.553", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:26
Severity ?
Summary
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7615_firmware | 4.4.1.1 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 4.4.1.1 | |
mediatek | mt7622 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:4.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "586FD485-E748-4CD9-A9CD-F384D02D023A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:4.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "FDE3EC04-6832-4B70-B66C-3D9CB83E21E3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.", }, { lang: "es", value: "En el controlador wifi, se presenta un posible fallo del sistema debido a una falta de comprobación de comprobación. Esto podría conllevar a una denegación de servicio remota por parte de un atacante proximal sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20190426015; ID de Incidencia: GN20190426015", }, ], id: "CVE-2021-41789", lastModified: "2024-11-21T06:26:45.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-04T16:15:09.527", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).", }, ], id: "CVE-2021-37570", lastModified: "2024-11-21T06:15:26.743", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.787", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).", }, ], id: "CVE-2021-37584", lastModified: "2024-11-21T06:15:28.173", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.990", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420020; ID de Incidencia: GN20220420020", }, ], id: "CVE-2022-26439", lastModified: "2024-11-21T06:53:56.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.583", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915 Versiones de software afectadas 7.4.0.0; lectura fuera de límites).", }, ], id: "CVE-2021-32469", lastModified: "2024-11-21T06:07:05.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.160", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).", }, ], id: "CVE-2021-37560", lastModified: "2024-11-21T06:15:24.883", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.267", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420068; ID de Incidencia: GN20220420068", }, ], id: "CVE-2022-26443", lastModified: "2024-11-21T06:53:57.493", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.757", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.6.0 | |
mediatek | mt7603 | - | |
mediatek | mt7613_firmware | 7.6.6.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.6.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.6.6.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.6.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.6.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.6.0 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.6.0 | |
mediatek | mt7916 | - | |
mediatek | mt7981_firmware | 7.6.6.0 | |
mediatek | mt7981 | - | |
mediatek | mt7986_firmware | 7.6.6.0 | |
mediatek | mt7986 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705042; ID del problema: GN20220705042.", }, ], id: "CVE-2022-32657", lastModified: "2024-11-21T07:06:49.793", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-03T21:15:12.370", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*", matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226", vulnerable: true, }, { criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*", matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.", }, { lang: "es", value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705066; ID del problema: GN20220705066.", }, ], id: "CVE-2022-32659", lastModified: "2024-11-21T07:06:50.060", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-03T21:15:12.603", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).", }, ], id: "CVE-2021-32468", lastModified: "2024-11-21T06:07:05.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.107", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y en otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Falta la autorización).", }, ], id: "CVE-2021-37572", lastModified: "2024-11-21T06:15:27.063", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.890", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420088; ID de Incidencia: GN20220420088", }, ], id: "CVE-2022-26445", lastModified: "2024-11-21T06:53:57.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.843", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420044; ID de Incidencia: GN20220420044", }, ], id: "CVE-2022-26441", lastModified: "2024-11-21T06:53:57.250", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.670", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).", }, { lang: "es", value: "Los microchips MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).", }, ], id: "CVE-2021-32467", lastModified: "2024-11-21T06:07:05.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.050", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).", }, ], id: "CVE-2021-37561", lastModified: "2024-11-21T06:15:25.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.317", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).", }, ], id: "CVE-2021-37564", lastModified: "2024-11-21T06:15:25.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.480", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.", }, ], id: "CVE-2022-32656", lastModified: "2024-11-21T07:06:49.640", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-06T20:15:11.157", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603_firmware | 7.6.2.3 | |
mediatek | mt7603 | - | |
mediatek | mt7610_firmware | 7.6.2.3 | |
mediatek | mt7610 | - | |
mediatek | mt7612_firmware | 7.6.2.3 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.6.2.3 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.6.2.3 | |
mediatek | mt7615 | - | |
mediatek | mt7620_firmware | 7.6.2.3 | |
mediatek | mt7620 | - | |
mediatek | mt7622_firmware | 7.6.2.3 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.6.2.3 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.6.2.3 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.6.2.3 | |
mediatek | mt7915 | - | |
mediatek | mt7916_firmware | 7.6.2.3 | |
mediatek | mt7916 | - | |
mediatek | mt7986_firmware | 7.6.2.3 | |
mediatek | mt7986 | - | |
mediatek | mt8981_firmware | 7.6.2.3 | |
mediatek | mt8981 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*", matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.", }, { lang: "es", value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420051; ID de Incidencia: GN20220420051", }, ], id: "CVE-2022-26442", lastModified: "2024-11-21T06:53:57.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-01T14:15:09.713", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/August-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*", matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*", matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*", matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*", matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*", matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*", matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*", matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.", }, ], id: "CVE-2022-32655", lastModified: "2024-11-21T07:06:49.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-06T20:15:11.107", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 2.0.2 | |
mediatek | mt7603e | - | |
mediatek | mt7613_firmware | 2.0.2 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 2.0.2 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 2.0.2 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 2.0.2 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 2.0.2 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 2.0.2 | |
mediatek | mt7915 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).", }, { lang: "es", value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).", }, ], id: "CVE-2021-37565", lastModified: "2024-11-21T06:15:25.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.533", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:11
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediatek | mt7603e_firmware | 7.4.0.0 | |
mediatek | mt7603e | - | |
mediatek | mt7612_firmware | 7.4.0.0 | |
mediatek | mt7612 | - | |
mediatek | mt7613_firmware | 7.4.0.0 | |
mediatek | mt7613 | - | |
mediatek | mt7615_firmware | 7.4.0.0 | |
mediatek | mt7615 | - | |
mediatek | mt7622_firmware | 7.4.0.0 | |
mediatek | mt7622 | - | |
mediatek | mt7628_firmware | 7.4.0.0 | |
mediatek | mt7628 | - | |
mediatek | mt7629_firmware | 7.4.0.0 | |
mediatek | mt7629 | - | |
mediatek | mt7915_firmware | 7.4.0.0 | |
mediatek | mt7915 | - | |
mediatek | mt7620_firmware | 7.4.0.0 | |
mediatek | mt7620 | - | |
mediatek | mt7610_firmware | 7.4.0.0 | |
mediatek | mt7610 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*", matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*", matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).", }, { lang: "es", value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).", }, ], id: "CVE-2021-35055", lastModified: "2024-11-21T06:11:45.600", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T00:15:09.213", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }