Vulnerability
CVE-2022-26446
Component: CELLULAR
Location: FIRMWARE
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
Impact
Severity (Manufact.)
MEDIUM
Severity (NIST)
7.5
Severity (Android)
N/A
Chipsets
86
Devices
1560
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MT6739 | MediaTek | |
| MT6761V/WE | Helio A20 | MediaTek |
| MT6761V/WAB | Helio A22 | MediaTek |
| MT6761V/WBB | Helio A22 | MediaTek |
| MT6762V/WB | Helio A25 | MediaTek |
| MT6762V/WD | Helio A25 | MediaTek |
| MT6762 | Helio P22 | MediaTek |
| MT6763/6763T | Helio P23 | MediaTek |
| MT6765 | Helio P35 | MediaTek |
| MT6771 | Helio P60 | MediaTek |
86 of 86 row(s) shown.
Rows per page
Page 1 of 9
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jul 1, 2017
Reported:
Unknown
Advisory Published:
Nov 7, 2022
CVE Published:
Nov 8, 2022
Android Patch Level:
None
