Sign-up

ID

VAR-202210-0376


CVE

CVE-2022-32591


TITLE

Google  of  Android  Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018867

DESCRIPTION

In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259. Google of Android There is an input validation vulnerability in.Service operation interruption (DoS) It may be in a state. MediaTek Inc. is the world's fourth-largest foundry semiconductor company. It is in a leading position in the markets of mobile terminals, smart home applications, wireless connection technology and Internet of Things products, with approximately 1.5 billion units a year End products with built-in MediaTek chips are available all over the world

Trust: 2.16

sources: NVD: CVE-2022-32591 // JVNDB: JVNDB-2022-018867 // CNVD: CNVD-2022-87959

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-87959

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:12.0

Trust: 1.8

vendor:googlemodel:androidscope:eqversion:11.0

Trust: 1.8

vendor:googlemodel:androidscope: - version: -

Trust: 0.8

vendor:googlemodel:androidscope:eqversion: -

Trust: 0.8

vendor:mediatekmodel:mt6580 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6580 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6739 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6739 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6753 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6753 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6757 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6757 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6761 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6761 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6762 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6762 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6763 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6763 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6765 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6765 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6768 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6768 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6779 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6779 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6781 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6781 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6785 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6785 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6789 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6789 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6833 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6833 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6853 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6853 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6853t androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6853t androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6855 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6855 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6873 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6873 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6875 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6875 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6877 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6877 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6879 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6879 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6885 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6885 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6893 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6893 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6895 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6895 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt6983 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt6983 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8321 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8321 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8385 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8385 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8666 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8666 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8675 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8675 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8765 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8765 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8766 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8766 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8768 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8768 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8786 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8786 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8788 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8788 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8789 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8789 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8791 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8791 androidscope:eqversion:12.0

Trust: 0.6

vendor:mediatekmodel:mt8797 androidscope:eqversion:11.0

Trust: 0.6

vendor:mediatekmodel:mt8797 androidscope:eqversion:12.0

Trust: 0.6

sources: CNVD: CNVD-2022-87959 // JVNDB: JVNDB-2022-018867 // NVD: CVE-2022-32591

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32591
value: HIGH

Trust: 1.0

NVD: CVE-2022-32591
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-87959
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202210-339
value: HIGH

Trust: 0.6

CNVD: CNVD-2022-87959
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-32591
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32591
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-87959 // JVNDB: JVNDB-2022-018867 // CNNVD: CNNVD-202210-339 // NVD: CVE-2022-32591

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:Inappropriate input confirmation (CWE-20) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018867 // NVD: CVE-2022-32591

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-339

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202210-339

PATCH

title:Patch for Various MediaTek chip ril denial of service vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/372251

Trust: 0.6

title:MediaTek Fixes for chip security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=209978

Trust: 0.6

sources: CNVD: CNVD-2022-87959 // CNNVD: CNNVD-202210-339

EXTERNAL IDS

db:NVDid:CVE-2022-32591

Trust: 3.8

db:JVNDBid:JVNDB-2022-018867

Trust: 0.8

db:CNVDid:CNVD-2022-87959

Trust: 0.6

db:CNNVDid:CNNVD-202210-339

Trust: 0.6

sources: CNVD: CNVD-2022-87959 // JVNDB: JVNDB-2022-018867 // CNNVD: CNNVD-202210-339 // NVD: CVE-2022-32591

REFERENCES

url:https://corp.mediatek.com/product-security-bulletin/october-2022

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2022-32591

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-32591/

Trust: 0.6

sources: CNVD: CNVD-2022-87959 // JVNDB: JVNDB-2022-018867 // CNNVD: CNNVD-202210-339 // NVD: CVE-2022-32591

SOURCES

db:CNVDid:CNVD-2022-87959
db:JVNDBid:JVNDB-2022-018867
db:CNNVDid:CNNVD-202210-339
db:NVDid:CVE-2022-32591

LAST UPDATE DATE

2024-08-14T14:37:16.936000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-87959date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-018867date:2023-10-23T08:14:00
db:CNNVDid:CNNVD-202210-339date:2022-10-13T00:00:00
db:NVDid:CVE-2022-32591date:2022-10-12T13:52:41.910

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-87959date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-018867date:2023-10-23T00:00:00
db:CNNVDid:CNNVD-202210-339date:2022-10-07T00:00:00
db:NVDid:CVE-2022-32591date:2022-10-07T20:15:14.823