Vulnerabilites related to mediatek - mt7615_firmware
cve-2021-37571
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.288Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:10:20",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37571",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37571",
      datePublished: "2021-12-25T23:23:55",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.288Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37560
Vulnerability from cvelistv5
Published
2021-12-25 23:26
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.295Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:31:53",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37560",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37560",
      datePublished: "2021-12-25T23:26:02",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.295Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37564
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.165Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:16:49",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37564",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37564",
      datePublished: "2021-12-25T23:23:26",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.165Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26438
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.782Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:58:53",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26438",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26438",
      datePublished: "2022-08-01T13:58:53",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.782Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26439
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.864Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:59:04",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26439",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26439",
      datePublished: "2022-08-01T13:59:04",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.864Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26445
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.863Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T14:00:32",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26445",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26445",
      datePublished: "2022-08-01T14:00:32",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.863Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32666
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:26
Severity ?
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
Impacted products
Vendor Product Version
MediaTek, Inc. MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365 Version: 7.6.6.0 / IOT-v23.0 (Yocto 4.0)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:44.957Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/July-2023",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-32666",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-04T16:26:43.420231Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-04T16:26:54.136Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8365",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0 / IOT-v23.0 (Yocto 4.0)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-07-04T01:44:59.030Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/July-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32666",
      datePublished: "2023-07-04T01:44:59.030Z",
      dateReserved: "2022-06-09T07:04:43.361Z",
      dateUpdated: "2024-12-04T16:26:54.136Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26443
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.862Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:59:56",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26443",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26443",
      datePublished: "2022-08-01T13:59:56",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.862Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37584
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.320Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:36:31",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37584",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37584",
      datePublished: "2021-12-25T23:25:39",
      dateReserved: "2021-07-27T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.320Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-41788
Vulnerability from cvelistv5
Published
2021-12-25 23:18
Modified
2024-08-04 03:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T03:15:29.306Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:25:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-41788",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-41788",
      datePublished: "2021-12-25T23:18:30",
      dateReserved: "2021-09-29T00:00:00",
      dateUpdated: "2024-08-04T03:15:29.306Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32656
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:45.240Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-06T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32656",
      datePublished: "2023-02-06T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:45.240Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37583
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.295Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:08:30",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37583",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37583",
      datePublished: "2021-12-25T23:24:05",
      dateReserved: "2021-07-27T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.295Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32655
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:45.130Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-06T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32655",
      datePublished: "2023-02-06T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:45.130Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32654
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:44.958Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-06T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32654",
      datePublished: "2023-02-06T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:44.958Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37565
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.285Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:15:04",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37565",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37565",
      datePublished: "2021-12-25T23:23:36",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.285Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37566
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.194Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:04:35",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37566",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37566",
      datePublished: "2021-12-25T23:24:32",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.194Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-41789
Vulnerability from cvelistv5
Published
2022-01-04 15:54
Modified
2024-08-04 03:15
Severity ?
Summary
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T03:15:29.254Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-04T15:54:41",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-41789",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-41789",
      datePublished: "2022-01-04T15:54:41",
      dateReserved: "2021-09-29T00:00:00",
      dateUpdated: "2024-08-04T03:15:29.254Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26440
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.664Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:59:19",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26440",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26440",
      datePublished: "2022-08-01T13:59:19",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.664Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37567
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.324Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:13:19",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37567",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37567",
      datePublished: "2021-12-25T23:23:45",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.324Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37562
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.387Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:57:22",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37562",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37562",
      datePublished: "2021-12-25T23:24:41",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.387Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37563
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.161Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:38:28",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37563",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37563",
      datePublished: "2021-12-25T23:25:29",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.161Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32467
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-03 23:17
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:17:29.548Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:44:03",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-32467",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-32467",
      datePublished: "2021-12-25T23:25:19",
      dateReserved: "2021-05-07T00:00:00",
      dateUpdated: "2024-08-03T23:17:29.548Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32658
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:44.925Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-01-03T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32658",
      datePublished: "2023-01-03T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:44.925Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-35055
Vulnerability from cvelistv5
Published
2021-12-25 23:26
Modified
2024-08-04 00:33
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:33:50.868Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:28:49",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-35055",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-35055",
      datePublished: "2021-12-25T23:26:13",
      dateReserved: "2021-06-21T00:00:00",
      dateUpdated: "2024-08-04T00:33:50.868Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26441
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.837Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:59:30",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26441",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26441",
      datePublished: "2022-08-01T13:59:30",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.837Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26444
Vulnerability from cvelistv5
Published
2022-08-01 14:00
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.852Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T14:00:15",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26444",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26444",
      datePublished: "2022-08-01T14:00:15",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.852Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37561
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.231Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:34:15",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37561",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37561",
      datePublished: "2021-12-25T23:25:53",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.231Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32468
Vulnerability from cvelistv5
Published
2021-12-25 23:25
Modified
2024-08-03 23:17
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:17:29.572Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:46:37",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-32468",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-32468",
      datePublished: "2021-12-25T23:25:09",
      dateReserved: "2021-05-07T00:00:00",
      dateUpdated: "2024-08-03T23:17:29.572Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32469
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-03 23:17
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:17:29.547Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T21:52:34",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-32469",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-32469",
      datePublished: "2021-12-25T23:24:52",
      dateReserved: "2021-05-07T00:00:00",
      dateUpdated: "2024-08-03T23:17:29.547Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37569
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.346Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:06:21",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37569",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37569",
      datePublished: "2021-12-25T23:24:23",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.346Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32663
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:44.927Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-06T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32663",
      datePublished: "2023-02-06T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:44.927Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37570
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.294Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:18:44",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37570",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37570",
      datePublished: "2021-12-25T23:23:12",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.294Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32657
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:45.233Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-01-03T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32657",
      datePublished: "2023-01-03T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:45.233Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37572
Vulnerability from cvelistv5
Published
2021-12-25 23:23
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.328Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:20:35",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37572",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37572",
      datePublished: "2021-12-25T23:23:02",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.328Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37568
Vulnerability from cvelistv5
Published
2021-12-25 23:24
Modified
2024-08-04 01:23
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:23:01.219Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-05T22:29:52",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37568",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                  },
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                     refsource: "CONFIRM",
                     url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37568",
      datePublished: "2021-12-25T23:24:14",
      dateReserved: "2021-07-26T00:00:00",
      dateUpdated: "2024-08-04T01:23:01.219Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-32659
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:46:45.232Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915, MT7916, MT7981, MT7986, MT8518S, MT8532",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.6.0, and Yocto 3.1, 3.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-01-03T00:00:00",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-32659",
      datePublished: "2023-01-03T00:00:00",
      dateReserved: "2022-06-09T00:00:00",
      dateUpdated: "2024-08-03T07:46:45.232Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26442
Vulnerability from cvelistv5
Published
2022-08-01 13:59
Modified
2024-08-03 05:03
Severity ?
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.816Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "7.6.2.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T13:59:43",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-26442",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT7603, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915, MT7916, MT7986, MT8981",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "7.6.2.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-26442",
      datePublished: "2022-08-01T13:59:43",
      dateReserved: "2022-03-04T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.816Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420037; ID de Incidencia: GN20220420037",
      },
   ],
   id: "CVE-2022-26440",
   lastModified: "2024-11-21T06:53:57.127",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.627",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:26
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR hasta 13-12-20213 y otros dispositivos, manejan inapropiadamente los intentos de inundación de autenticación Wi-Fi. (Chipsets afectados MT7603E, MT7612, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0).",
      },
   ],
   id: "CVE-2021-41788",
   lastModified: "2024-11-21T06:26:45.750",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:10.043",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420075; ID de Incidencia: GN20220420075",
      },
   ],
   id: "CVE-2022-26444",
   lastModified: "2024-11-21T06:53:57.617",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.800",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37571",
   lastModified: "2024-11-21T06:15:26.910",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.840",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A8F854F-2BB7-4997-8611-49680E5E3847",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7A96E7F-BDCF-41DF-8671-63B8C215616C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37566",
   lastModified: "2024-11-21T06:15:25.943",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.587",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37583",
   lastModified: "2024-11-21T06:15:28.013",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.940",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y en otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-37562",
   lastModified: "2024-11-21T06:15:25.240",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.377",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37569",
   lastModified: "2024-11-21T06:15:26.583",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.737",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420013; ID de Incidencia: GN20220420013",
      },
   ],
   id: "CVE-2022-26438",
   lastModified: "2024-11-21T06:53:56.860",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.537",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-37567",
   lastModified: "2024-11-21T06:15:26.113",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.637",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "437D8F9D-67DF-47A5-9C96-5B51D1562951",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.",
      },
   ],
   id: "CVE-2022-32666",
   lastModified: "2024-11-21T07:06:50.657",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-07-04T02:15:09.480",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/July-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/July-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37568",
   lastModified: "2024-11-21T06:15:26.400",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.687",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
Impacted products
Vendor Product Version
mediatek mt5221_firmware 7.6.6.0
mediatek mt5221 -
mediatek mt7603_firmware 7.6.6.0
mediatek mt7603 -
mediatek mt7613_firmware 7.6.6.0
mediatek mt7613 -
mediatek mt7615_firmware 7.6.6.0
mediatek mt7615 -
mediatek mt7622_firmware 7.6.6.0
mediatek mt7622 -
mediatek mt7628_firmware 7.6.6.0
mediatek mt7628 -
mediatek mt7629_firmware 7.6.6.0
mediatek mt7629 -
mediatek mt7663_firmware 7.6.6.0
mediatek mt7663 -
mediatek mt7668_firmware 7.6.6.0
mediatek mt7668 -
mediatek mt7682_firmware 7.6.6.0
mediatek mt7682 -
mediatek mt7686_firmware 7.6.6.0
mediatek mt7686 -
mediatek mt7687_firmware 7.6.6.0
mediatek mt7687 -
mediatek mt7697_firmware 7.6.6.0
mediatek mt7697 -
mediatek mt7902_firmware 7.6.6.0
mediatek mt7902 -
mediatek mt7915_firmware 7.6.6.0
mediatek mt7915 -
mediatek mt7916_firmware 7.6.6.0
mediatek mt7916 -
mediatek mt7921_firmware 7.6.6.0
mediatek mt7921 -
mediatek mt7933_firmware 7.6.6.0
mediatek mt7933 -
mediatek mt7981_firmware 7.6.6.0
mediatek mt7981 -
mediatek mt7986_firmware 7.6.6.0
mediatek mt7986 -
mediatek mt8167s_firmware 7.6.6.0
mediatek mt8167s -
mediatek mt8175_firmware 7.6.6.0
mediatek mt8175 -
mediatek mt8362a_firmware 7.6.6.0
mediatek mt8362a -
mediatek mt8365_firmware 7.6.6.0
mediatek mt8365 -
mediatek mt8385_firmware 7.6.6.0
mediatek mt8385 -
mediatek mt8518s_firmware 7.6.6.0
mediatek mt8518s -
mediatek mt8532_firmware 7.6.6.0
mediatek mt8532 -
mediatek mt8695_firmware 7.6.6.0
mediatek mt8695 -
mediatek mt8696_firmware 7.6.6.0
mediatek mt8696 -
mediatek mt8788_firmware 7.6.6.0
mediatek mt8788 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.",
      },
   ],
   id: "CVE-2022-32654",
   lastModified: "2024-11-21T07:06:49.327",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-06T20:15:11.057",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA350781-A776-48D1-A9C3-1EB32DC152D3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "44F24643-4E2F-49A1-8FE9-8B2105C87CC1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C76FDEBB-51AF-4367-9669-172D4803E11E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1B95AE-F68D-4E3E-BD71-460576776218",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E5423C5-3A3D-4496-B8D6-857C90329CEE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D2CC90E-F75D-40DC-894E-9AF171338FD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "2159C96A-299E-4636-B129-2BEAC9B607DE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF127C7A-44E3-441A-AD95-63DE93C7E9EE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6864912-841E-41A4-9E30-6E8CA2B6F44D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDEC60B1-A589-4BC4-80A8-ED1D3B2F38AE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B562C9FF-8527-4D48-8DCE-A30F6E2CC10A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B48743A-911C-4B44-9042-A7BFA9B5C53E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A83A21DA-8E3E-43A4-99E8-0AFC84A172BE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC1983D4-082C-4C29-BDAA-13A5BAE02E6A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBCA0B42-B959-40A0-8403-4DD5C823E0B9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2EFD461-3F8E-40F9-AE7F-9E9729C7ED83",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0E6861E-4197-42A4-A411-2A8E0085E4D9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECAC8D2E-19F2-4559-B57A-35BFA1736AB8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F716928E-BC95-48F2-AF07-CBD5CA9E72D1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54F370BA-2715-45EC-8F15-2325EAEDAD1C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA0C430-BC99-4736-978E-3BD91AA049BA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "733A3CF0-CF17-412E-A93D-E8E093EB334D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.",
      },
   ],
   id: "CVE-2022-32663",
   lastModified: "2024-11-21T07:06:50.210",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-06T20:15:11.203",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37563",
   lastModified: "2024-11-21T06:15:25.437",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.430",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.",
      },
      {
         lang: "es",
         value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705059; ID del problema: GN20220705059.",
      },
   ],
   id: "CVE-2022-32658",
   lastModified: "2024-11-21T07:06:49.923",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-01-03T21:15:12.553",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:26
Summary
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.
Impacted products
Vendor Product Version
mediatek mt7615_firmware 4.4.1.1
mediatek mt7615 -
mediatek mt7622_firmware 4.4.1.1
mediatek mt7622 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:4.4.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "586FD485-E748-4CD9-A9CD-F384D02D023A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:4.4.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDE3EC04-6832-4B70-B66C-3D9CB83E21E3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.",
      },
      {
         lang: "es",
         value: "En el controlador wifi, se presenta un posible fallo del sistema debido a una falta de comprobación de comprobación. Esto podría conllevar a una denegación de servicio remota por parte de un atacante proximal sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20190426015; ID de Incidencia: GN20190426015",
      },
   ],
   id: "CVE-2021-41789",
   lastModified: "2024-11-21T06:26:45.923",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-04T16:15:09.527",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-37570",
   lastModified: "2024-11-21T06:15:26.743",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.787",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37584",
   lastModified: "2024-11-21T06:15:28.173",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.990",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420020; ID de Incidencia: GN20220420020",
      },
   ],
   id: "CVE-2022-26439",
   lastModified: "2024-11-21T06:53:56.993",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.583",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915 Versiones de software afectadas 7.4.0.0; lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-32469",
   lastModified: "2024-11-21T06:07:05.890",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.160",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37560",
   lastModified: "2024-11-21T06:15:24.883",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.267",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420068; ID de Incidencia: GN20220420068",
      },
   ],
   id: "CVE-2022-26443",
   lastModified: "2024-11-21T06:53:57.493",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.757",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.",
      },
      {
         lang: "es",
         value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705042; ID del problema: GN20220705042.",
      },
   ],
   id: "CVE-2022-32657",
   lastModified: "2024-11-21T07:06:49.793",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-01-03T21:15:12.370",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "165C6E7B-6487-4BBB-B090-7A33FE537226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:thelinuxfoundation:yocto:3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F050E461-8A68-4451-AC03-182E38FE7883",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.",
      },
      {
         lang: "es",
         value: "En el controlador de Wi-Fi, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: GN20220705066; ID del problema: GN20220705066.",
      },
   ],
   id: "CVE-2022-32659",
   lastModified: "2024-11-21T07:06:50.060",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-01-03T21:15:12.603",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-32468",
   lastModified: "2024-11-21T06:07:05.733",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.107",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y en otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Falta la autorización).",
      },
   ],
   id: "CVE-2021-37572",
   lastModified: "2024-11-21T06:15:27.063",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.890",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420088; ID de Incidencia: GN20220420088",
      },
   ],
   id: "CVE-2022-26445",
   lastModified: "2024-11-21T06:53:57.747",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.843",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420044; ID de Incidencia: GN20220420044",
      },
   ],
   id: "CVE-2022-26441",
   lastModified: "2024-11-21T06:53:57.250",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.670",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:07
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-32467",
   lastModified: "2024-11-21T06:07:05.550",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.050",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-37561",
   lastModified: "2024-11-21T06:15:25.060",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.317",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-37564",
   lastModified: "2024-11-21T06:15:25.613",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.480",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
Impacted products
Vendor Product Version
mediatek mt5221_firmware 7.6.6.0
mediatek mt5221 -
mediatek mt7603_firmware 7.6.6.0
mediatek mt7603 -
mediatek mt7613_firmware 7.6.6.0
mediatek mt7613 -
mediatek mt7615_firmware 7.6.6.0
mediatek mt7615 -
mediatek mt7622_firmware 7.6.6.0
mediatek mt7622 -
mediatek mt7628_firmware 7.6.6.0
mediatek mt7628 -
mediatek mt7629_firmware 7.6.6.0
mediatek mt7629 -
mediatek mt7663_firmware 7.6.6.0
mediatek mt7663 -
mediatek mt7668_firmware 7.6.6.0
mediatek mt7668 -
mediatek mt7682_firmware 7.6.6.0
mediatek mt7682 -
mediatek mt7686_firmware 7.6.6.0
mediatek mt7686 -
mediatek mt7687_firmware 7.6.6.0
mediatek mt7687 -
mediatek mt7697_firmware 7.6.6.0
mediatek mt7697 -
mediatek mt7902_firmware 7.6.6.0
mediatek mt7902 -
mediatek mt7915_firmware 7.6.6.0
mediatek mt7915 -
mediatek mt7916_firmware 7.6.6.0
mediatek mt7916 -
mediatek mt7921_firmware 7.6.6.0
mediatek mt7921 -
mediatek mt7933_firmware 7.6.6.0
mediatek mt7933 -
mediatek mt7981_firmware 7.6.6.0
mediatek mt7981 -
mediatek mt7986_firmware 7.6.6.0
mediatek mt7986 -
mediatek mt8167s_firmware 7.6.6.0
mediatek mt8167s -
mediatek mt8175_firmware 7.6.6.0
mediatek mt8175 -
mediatek mt8362a_firmware 7.6.6.0
mediatek mt8362a -
mediatek mt8365_firmware 7.6.6.0
mediatek mt8365 -
mediatek mt8385_firmware 7.6.6.0
mediatek mt8385 -
mediatek mt8518s_firmware 7.6.6.0
mediatek mt8518s -
mediatek mt8532_firmware 7.6.6.0
mediatek mt8532 -
mediatek mt8695_firmware 7.6.6.0
mediatek mt8695 -
mediatek mt8696_firmware 7.6.6.0
mediatek mt8696 -
mediatek mt8788_firmware 7.6.6.0
mediatek mt8788 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.",
      },
   ],
   id: "CVE-2022-32656",
   lastModified: "2024-11-21T07:06:49.640",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-06T20:15:11.157",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Summary
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A802BEB-F802-47E7-9F42-5E43270B404B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "97276E66-7481-477F-BB98-039EB0417568",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAA2798C-4692-46E8-BF82-FABA523B0054",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A3887B7-E905-46AE-8920-8FCAADF45656",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EE434DA-106D-4C37-8B10-6AEDBAE8E28E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE40754-3614-4C45-9DF2-B48B483124DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "92674CFB-109A-43FC-8EBC-4FE42165332F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F966AA1A-FC7C-45A4-B5C7-EE65D279EBE2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A964FD-9CE2-4CB7-9EE5-9FCADBAD1AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD444095-9C7D-406B-A61C-D7D058DB53A5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F840F1-3C6E-4249-A259-69C20410599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A3406DF-842F-48E5-9FA8-C3EBFB191876",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4F0E-F3E5-463F-9A7C-567F2B1B3B07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5517F263-2589-47B7-8958-6B71E236A39D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.",
      },
      {
         lang: "es",
         value: "En wifi driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: GN20220420051; ID de Incidencia: GN20220420051",
      },
   ],
   id: "CVE-2022-26442",
   lastModified: "2024-11-21T06:53:57.377",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-01T14:15:09.713",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/August-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
Impacted products
Vendor Product Version
mediatek mt5221_firmware 7.6.6.0
mediatek mt5221 -
mediatek mt7603_firmware 7.6.6.0
mediatek mt7603 -
mediatek mt7613_firmware 7.6.6.0
mediatek mt7613 -
mediatek mt7615_firmware 7.6.6.0
mediatek mt7615 -
mediatek mt7622_firmware 7.6.6.0
mediatek mt7622 -
mediatek mt7628_firmware 7.6.6.0
mediatek mt7628 -
mediatek mt7629_firmware 7.6.6.0
mediatek mt7629 -
mediatek mt7663_firmware 7.6.6.0
mediatek mt7663 -
mediatek mt7668_firmware 7.6.6.0
mediatek mt7668 -
mediatek mt7682_firmware 7.6.6.0
mediatek mt7682 -
mediatek mt7686_firmware 7.6.6.0
mediatek mt7686 -
mediatek mt7687_firmware 7.6.6.0
mediatek mt7687 -
mediatek mt7697_firmware 7.6.6.0
mediatek mt7697 -
mediatek mt7902_firmware 7.6.6.0
mediatek mt7902 -
mediatek mt7915_firmware 7.6.6.0
mediatek mt7915 -
mediatek mt7916_firmware 7.6.6.0
mediatek mt7916 -
mediatek mt7921_firmware 7.6.6.0
mediatek mt7921 -
mediatek mt7933_firmware 7.6.6.0
mediatek mt7933 -
mediatek mt7981_firmware 7.6.6.0
mediatek mt7981 -
mediatek mt7986_firmware 7.6.6.0
mediatek mt7986 -
mediatek mt8167s_firmware 7.6.6.0
mediatek mt8167s -
mediatek mt8175_firmware 7.6.6.0
mediatek mt8175 -
mediatek mt8362a_firmware 7.6.6.0
mediatek mt8362a -
mediatek mt8365_firmware 7.6.6.0
mediatek mt8365 -
mediatek mt8385_firmware 7.6.6.0
mediatek mt8385 -
mediatek mt8518s_firmware 7.6.6.0
mediatek mt8518s -
mediatek mt8532_firmware 7.6.6.0
mediatek mt8532 -
mediatek mt8695_firmware 7.6.6.0
mediatek mt8695 -
mediatek mt8696_firmware 7.6.6.0
mediatek mt8696 -
mediatek mt8788_firmware 7.6.6.0
mediatek mt8788 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "518D4593-D5E2-489C-92C3-343716A621E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE7D50BA-4588-406B-9873-EB067B1FADC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "188DCE87-D893-4109-B946-5A943723021E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1144B15B-0F33-4622-9534-D22741EA6C4A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "572E4322-E017-4298-B34D-F54CB43E599F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D94F1C2D-5749-4BD7-916A-416A88AA858F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10C79211-F064-499D-914E-0BACD038FBF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9371F16-8A35-4052-BF0A-500F6042FFBA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E400AB9-B82A-4449-8789-35112940270F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C293668-B45D-4576-8B25-5B5BCD983891",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B75820B-B73F-47AB-A25A-4A624767B740",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5414D487-223D-4195-AEA6-429AD30DFCE4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B70678B8-78D6-4651-BE58-44374273F3FC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "14734451-2D61-4EB5-8BB2-414E2BEDC534",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5AA441-5381-4179-89EB-1642120F72B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED333D7-1DF2-48EB-8617-16D604070D9C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "727F29FD-E8DA-46F1-9C98-9D194E981E38",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "81B46566-AE03-4B6B-8B25-13621A060156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "490CD97B-021F-4350-AEE7-A2FA866D5889",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "72A30F15-0654-4479-8944-6AF67F610AF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A9E917-4B34-403F-B512-09EEBEA46811",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A937256-84A3-48A8-BF28-14C87B09EB6D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "60521D31-F322-4740-9F8F-F16D76902BBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF834C63-5493-480D-9803-9C2FAA6F41AB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.",
      },
   ],
   id: "CVE-2022-32655",
   lastModified: "2024-11-21T07:06:49.490",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-06T20:15:11.107",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/February-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:15
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD56822-51D2-4172-A5B6-1EEE4B75B884",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0518BCFD-17FF-4870-9620-F1A020D95517",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2B0FBA-9C31-48F4-AEAE-CD39C3572782",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "60598D7E-5BC7-4AC7-8316-D32D51CD9949",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E74E307C-2893-47C9-8036-7B901D0110A9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DAB4DE7-D53B-4519-9E84-AC2AFE2C0EA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "68714C88-0EE6-4FED-98DD-B2C4860C0A22",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en los dispositivos de NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Lectura fuera de límites).",
      },
   ],
   id: "CVE-2021-37565",
   lastModified: "2024-11-21T06:15:25.773",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.533",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-26 00:15
Modified
2024-11-21 06:11
Summary
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "95006BC1-1D6B-43D8-B515-BB7F30C94472",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B203F4-4D03-4A73-8092-030FE5764CA5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B3F2D2C-D87A-403E-A194-BD8797D78924",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "25257636-C8AC-4E4C-A00F-1A1BF3E72078",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B77A0F-BBCF-454D-8927-11C891850CEA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05748BB1-0D48-4097-932E-E8E2E574FD8D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B52A858-3216-4579-A76B-3988A239077F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5532D40-0EAC-41F2-A6E4-006EE13A8276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7476AF58-342B-4E2A-BEAD-E379097148D2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AD2CEE9-3739-4C51-B79D-4D4F9F602185",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1127295C-C0A2-4B1E-8ACB-BAD4E6A7D521",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AB22996-9C22-4B6C-9E94-E4C055D16335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A729B62-9999-4745-97C3-EF66BF9B6FA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B0B94BA-F66C-461D-920C-1E878E6849E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C03BF7F6-0999-4D09-A3F1-88533015FB9A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "576AE083-F993-4F1A-B6A1-9481E44FB358",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",
      },
      {
         lang: "es",
         value: "Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de límites).",
      },
   ],
   id: "CVE-2021-35055",
   lastModified: "2024-11-21T06:11:45.600",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-26T00:15:09.213",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/January-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}