Shodan
Vulnerabilities
Vulnerable Software
Mediatek:  Security Vulnerabilities
CVE-2022-20017
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-02-09
CVE-2022-20024
In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-09
CVE-2022-20025
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-09
CVE-2022-20026
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-09
CVE-2022-20027
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-09
CVE-2021-30636
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
CVE-2022-20012
In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-01-04
CVE-2022-20013
In vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05837742.
CVSS Score
6.4
EPSS Score
0.0
Published
2022-01-04
CVE-2022-20014
In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-01-04
CVE-2022-20015
In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966; Issue ID: ALPS05862966.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-01-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved