var-202207-0287
Vulnerability from variot
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822. MediaTek Inc. is the world's fourth largest fab semiconductor company, with a leading position in mobile terminals, smart home applications, wireless connectivity technologies and IoT products; approximately 1.5 billion end products a year with built-in MediaTek chips are available worldwide.
There are type conversion vulnerabilities in the audio DSPs of several MediaTek chips, which a local attacker who already holds System execution privileges can exploit to escalate privileges without requiring user interaction.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0287", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "android", "scope": "eq", "trust": 1.0, "vendor": "google", "version": "11.0" }, { "model": "android", "scope": "eq", "trust": 1.0, "vendor": "google", "version": "12.0" }, { "model": "mt6833 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", 
"version": null }, { "model": "mt6833 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6873 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6873 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6877 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6877 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6885 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6885 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6983 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6983 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8797 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8797 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6853 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6853 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6879 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6879 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6893 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6893 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6895 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt6895 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8791 
android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8791 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8798 android11.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null }, { "model": "mt8798 android12.0", "scope": null, "trust": 0.6, "vendor": "mediatek", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "NVD", "id": "CVE-2022-21786" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": 
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-21786" } ] }, "cve": "CVE-2022-21786", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2022-66246", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", 
"version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2022-21786", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-21786", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2022-66246", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202207-453", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2022-21786", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "VULMON", "id": "CVE-2022-21786" }, { "db": "NVD", "id": "CVE-2022-21786" }, { "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822. 
MediaTek Inc. is the world\u0027s fourth largest fab semiconductor company, with a leading position in mobile terminals, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units a year End products with built-in MediaTek chips are available worldwide. \n\r\n\r\nThere are type conversion vulnerabilities in the audio DSPs of several MediaTek chips, which can be exploited by attackers to escalate privileges without requiring user interaction", "sources": [ { "db": "NVD", "id": "CVE-2022-21786" }, { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "VULMON", "id": "CVE-2022-21786" } ], "trust": 1.53 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-21786", "trust": 2.3 }, { "db": "CNVD", "id": "CNVD-2022-66246", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022070819", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202207-453", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-21786", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "VULMON", "id": "CVE-2022-21786" }, { "db": "NVD", "id": "CVE-2022-21786" }, { "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "id": "VAR-202207-0287", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" } ], "trust": 1.6 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": 
"CNVD", "id": "CNVD-2022-66246" } ] }, "last_update_date": "2023-12-18T11:06:47.716000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Multiple MediaTek chip audio DSP type conversion vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/353591" }, { "title": "MediaTek Repair measures for chip code bugs", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=199230" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-704", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2022-21786" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://corp.mediatek.com/product-security-bulletin/july-2022" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21786" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022070819" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-21786/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/704.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "VULMON", "id": "CVE-2022-21786" }, { "db": "NVD", "id": "CVE-2022-21786" }, { "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": 
{ "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-66246" }, { "db": "VULMON", "id": "CVE-2022-21786" }, { "db": "NVD", "id": "CVE-2022-21786" }, { "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-29T00:00:00", "db": "CNVD", "id": "CNVD-2022-66246" }, { "date": "2022-07-06T00:00:00", "db": "VULMON", "id": "CVE-2022-21786" }, { "date": "2022-07-06T14:15:18.177000", "db": "NVD", "id": "CVE-2022-21786" }, { "date": "2022-07-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-28T00:00:00", "db": "CNVD", "id": "CNVD-2022-66246" }, { "date": "2022-07-14T00:00:00", "db": "VULMON", "id": "CVE-2022-21786" }, { "date": "2022-07-14T02:02:15.527000", "db": "NVD", "id": "CVE-2022-21786" }, { "date": "2022-07-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-453" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-453" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple MediaTek chip audio DSP type conversion vulnerabilities", "sources": [ { "db": "CNVD", "id": "CNVD-2022-66246" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": 
"CNNVD-202207-453" } ], "trust": 0.6 } }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.