CVE-2022-20034 - Vulnerability Details

Vendors	Products
Google	Android
Mediatek	Mt6580 Mt6735 Mt6739 Mt6761 Mt6763 Mt6765 Mt6768 Mt6769 Mt6771 Mt6779 Mt6781 Mt6785 Mt6799 Mt6833 Mt6853 Mt6873 Mt6875 Mt6877 Mt6885 Mt6891 Mt6893

Link	Providers
https://corp.mediatek.com/product-security-bulletin/February-2022

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893", "vendor": "MediaTek, Inc.", "versions": [{"status": "affected", "version": "Android 11.0"}]}], "descriptions": [{"lang": "en", "value": "In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806."}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-09T22:05:39", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2022"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mediatek.com", "ID": "CVE-2022-20034", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893", "version": {"version_data": [{"version_value": "Android 11.0"}]}}]}, "vendor_name": "MediaTek, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "https://corp.mediatek.com/product-security-bulletin/February-2022", "refsource": "MISC", "url": "https://corp.mediatek.com/product-security-bulletin/February-2022"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:55:46.233Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2022"}]}]}, "cveMetadata": {"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2022-20034", "datePublished": "2022-02-09T22:05:39", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-03T01:55:46.233Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893 (string)

vendor : MediaTek, Inc. (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 11.0 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Elevation of Privilege (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-02-09T22:05:39 (string)

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@mediatek.com (string)

ID : CVE-2022-20034 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893 (string)

version : { »

version_data : [ »

0 : { »

version_value : Android 11.0 (string)

}

]

}

]

}

vendor_name : MediaTek, Inc. (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Elevation of Privilege (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

refsource : MISC (string)

url : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T01:55:46.233Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

assignerShortName : MediaTek (string)

cveId : CVE-2022-20034 (string)

datePublished : 2022-02-09T22:05:39 (string)

dateReserved : 2021-10-12T00:00:00 (string)

dateUpdated : 2024-08-03T01:55:46.233Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", "matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806."}, {"lang": "es", "value": "En Preloader XFLASH, se presenta una posible escalada de privilegios debido a una comprobaci\u00f3n inapropiada del certificado. Esto podr\u00eda conllevar a una escalada local de privilegios para un atacante que tenga acceso f\u00edsico al dispositivo remota sin ser requeridos privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06160806; ID de Incidencia: ALPS06160806"}], "id": "CVE-2022-20034", "lastModified": "2024-11-21T06:41:59.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-09T23:15:17.277", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2022"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 109DD7FD-3A48-4C3D-8E1A-4433B98E1E64 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 46F71838-4E50-4F2A-9EB8-30AE5DF8511E (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C82E144B-0BAD-47E1-A657-3A5880988FE2 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FA8A390-9F52-4CF3-9B45-936CE3E2B828 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F726F486-A86F-4215-AD93-7A07A071844A (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2F19C76A-50DF-4ACA-BACA-07157B4D838B (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 43E779F6-F0A0-4153-9A1D-B715C3A2F80E (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 06CD97E1-8A76-48B4-9780-9698EF5A960F (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D23991D5-1893-49F4-8A06-D5E66C96C3B3 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BE4D2AED-C713-407F-A34A-52C3D8F65835 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EBA369B8-8E23-492B-82CC-23114E6A5D1C (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C4EEE021-6B2A-47A0-AC6B-55525A40D718 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A82E0A4F-072F-474C-B94C-8114ABE05639 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9814939B-F05E-4870-90C0-7C0F6BAAEB39 (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 366F1912-756B-443E-9962-224937DD7DFB (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58 (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* (string)

matchCriteriaId : DD64413C-C774-4C4F-9551-89E1AA9469EE (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D8E91CA4-CA5B-40D1-9A96-2B875104BCF4 (string)

vulnerable : false (boolean)

}

20 : { »

criteria : cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 213B5C7F-D965-4312-9CDF-4F06FA77D401 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806. (string)

}

1 : { »

lang : es (string)

value : En Preloader XFLASH, se presenta una posible escalada de privilegios debido a una comprobación inapropiada del certificado. Esto podría conllevar a una escalada local de privilegios para un atacante que tenga acceso físico al dispositivo remota sin ser requeridos privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. ID del Parche: ALPS06160806; ID de Incidencia: ALPS06160806 (string)

}

]

id : CVE-2022-20034 (string)

lastModified : 2024-11-21T06:41:59.670 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.6 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : PHYSICAL (string)

availabilityImpact : HIGH (string)

baseScore : 6.8 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 0.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-02-09T23:15:17.277 (string)

references : [ »

0 : { »

source : security@mediatek.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/February-2022 (string)

}

]

sourceIdentifier : security@mediatek.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-295 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object