Vulnerability Description
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mediatek | Mt5221 Firmware | 7.6.6.0 |
| Mediatek | Mt5221 | - |
| Mediatek | Mt7603 Firmware | 7.6.6.0 |
| Mediatek | Mt7603 | - |
| Mediatek | Mt7613 Firmware | 7.6.6.0 |
| Mediatek | Mt7613 | - |
| Mediatek | Mt7615 Firmware | 7.6.6.0 |
| Mediatek | Mt7615 | - |
| Mediatek | Mt7622 Firmware | 7.6.6.0 |
| Mediatek | Mt7622 | - |
| Mediatek | Mt7628 Firmware | 7.6.6.0 |
| Mediatek | Mt7628 | - |
| Mediatek | Mt7629 Firmware | 7.6.6.0 |
| Mediatek | Mt7629 | - |
| Mediatek | Mt7663 Firmware | 7.6.6.0 |
| Mediatek | Mt7663 | - |
| Mediatek | Mt7668 Firmware | 7.6.6.0 |
| Mediatek | Mt7668 | - |
| Mediatek | Mt7682 Firmware | 7.6.6.0 |
| Mediatek | Mt7682 | - |
References
- https://corp.mediatek.com/product-security-bulletin/February-2023Vendor Advisory
- https://corp.mediatek.com/product-security-bulletin/February-2023Vendor Advisory
FAQ
What is CVE-2022-32656?
CVE-2022-32656 is a vulnerability with a CVSS score of 6.7 (MEDIUM). In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is n...
How severe is CVE-2022-32656?
CVE-2022-32656 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-32656?
Check the references section above for vendor advisories and patch information. Affected products include: Mediatek Mt5221 Firmware, Mediatek Mt5221, Mediatek Mt7603 Firmware, Mediatek Mt7603, Mediatek Mt7613 Firmware.