CVE-2022-26445 - Mediatek Mt7620 Firmware, Mediatek Mt7629 Firmware and Mediatek Mt7628 Firmware

August 1, 2022

Moderate 6.7

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.

Affected software

Mediatek Mt7620 Firmware

Mediatek Mt7629 Firmware

Mediatek Mt7628 Firmware

Mediatek Mt7615 Firmware

Mediatek Mt7915 Firmware

Mediatek Mt7622 Firmware

Mediatek Mt7612 Firmware

Mediatek Mt7603 Firmware

Mediatek Mt7986 Firmware

Mediatek Mt8981 Firmware

Mediatek Mt7613 Firmware

Mediatek Mt7610 Firmware

Mediatek Mt7916 Firmware

Reference links

https://corp.mediatek.com/product-security-bulletin/August-2022

CVE-2022-26445 - Mediatek Mt7620 Firmware, Mediatek Mt7629 Firmware and Mediatek Mt7628 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software