Vulnerability Details CVE-2022-26447
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-26447
-
cpe:2.3:h:mediatek:mt6580:-
-
cpe:2.3:h:mediatek:mt6735:-
-
cpe:2.3:h:mediatek:mt6737:-
-
cpe:2.3:h:mediatek:mt6739:-
-
cpe:2.3:h:mediatek:mt6750s:-
-
cpe:2.3:h:mediatek:mt6753:-
-
cpe:2.3:h:mediatek:mt6755s:-
-
cpe:2.3:h:mediatek:mt6757:-
-
cpe:2.3:h:mediatek:mt6757c:-
-
cpe:2.3:h:mediatek:mt6757cd:-
-
cpe:2.3:h:mediatek:mt6757ch:-
-
cpe:2.3:h:mediatek:mt6763:-
-
cpe:2.3:h:mediatek:mt6771:-
-
cpe:2.3:h:mediatek:mt8163:-
-
cpe:2.3:h:mediatek:mt8167:-
-
cpe:2.3:h:mediatek:mt8167s:-
-
cpe:2.3:h:mediatek:mt8173:-
-
cpe:2.3:h:mediatek:mt8183:-
-
cpe:2.3:h:mediatek:mt8321:-
-
cpe:2.3:h:mediatek:mt8362a:-
-
cpe:2.3:h:mediatek:mt8385:-
-
cpe:2.3:h:mediatek:mt8518:-
-
cpe:2.3:h:mediatek:mt8532:-
-
cpe:2.3:h:mediatek:mt8765:-
-
cpe:2.3:h:mediatek:mt8788:-
-
cpe:2.3:o:google:android:10.0
-
cpe:2.3:o:google:android:11.0
-
cpe:2.3:o:google:android:12.0
-
cpe:2.3:o:yoctoproject:yocto:3.1