Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20021

In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513.

Published

2022-01-04T16:15:10.600

Last Modified

2024-11-21T06:41:57.907

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

6.5

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System google android 10.0 Yes
Operating System google android 11.0 Yes
Hardware mediatek awus036nh - No
Hardware mediatek mt6580 - No
Hardware mediatek mt6630 - No
Hardware mediatek mt6735 - No
Hardware mediatek mt6737 - No
Hardware mediatek mt6739 - No
Hardware mediatek mt6750s - No
Hardware mediatek mt6753 - No
Hardware mediatek mt6755s - No
Hardware mediatek mt6757 - No
Hardware mediatek mt6757c - No
Hardware mediatek mt6757cd - No
Hardware mediatek mt6757ch - No
Hardware mediatek mt6763 - No
Hardware mediatek mt6771 - No
Hardware mediatek mt7662t - No
Hardware mediatek mt7663 - No
Hardware mediatek mt7668 - No
Hardware mediatek mt8163 - No
Hardware mediatek mt8167 - No
Hardware mediatek mt8167s - No
Hardware mediatek mt8173 - No
Hardware mediatek mt8183 - No
Hardware mediatek mt8321 - No
Hardware mediatek mt8362a - No
Hardware mediatek mt8362b - No
Hardware mediatek mt8385 - No
Hardware mediatek mt8765 - No
Hardware mediatek mt8788 - No
References