Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20065

In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108658; Issue ID: ALPS06108658.

Published

2022-04-11T20:15:18.837

Last Modified

2024-11-21T06:42:04.020

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.9

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-125
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System google android 10.0 Yes
Operating System google android 11.0 Yes
Operating System google android 12.0 Yes
Hardware mediatek mt6580 - No
Hardware mediatek mt6737 - No
Hardware mediatek mt6739 - No
Hardware mediatek mt6761 - No
Hardware mediatek mt6762 - No
Hardware mediatek mt6765 - No
Hardware mediatek mt6768 - No
Hardware mediatek mt6769 - No
Hardware mediatek mt6779 - No
Hardware mediatek mt6781 - No
Hardware mediatek mt6785 - No
Hardware mediatek mt6833 - No
Hardware mediatek mt6873 - No
Hardware mediatek mt6875 - No
Hardware mediatek mt6877 - No
Hardware mediatek mt6883 - No
Hardware mediatek mt6885 - No
Hardware mediatek mt6889 - No
Hardware mediatek mt6983 - No
Hardware mediatek mt8321 - No
Hardware mediatek mt8667 - No
Hardware mediatek mt8675 - No
Hardware mediatek mt8765 - No
Hardware mediatek mt8766 - No
Hardware mediatek mt8768 - No
Hardware mediatek mt8786 - No
Hardware mediatek mt8788 - No
Hardware mediatek mt8789 - No
Hardware mediatek mt8797 - No
References