Summaryinfo

A vulnerability classified as problematic was found in MediaTek MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980 and MT9981. This vulnerability affects unknown code of the component ASF Extractor. The manipulation leads to out-of-bounds. This vulnerability was named CVE-2021-0622. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability classified as problematic has been found in MediaTek MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980 and MT9981. This affects an unknown functionality of the component ASF Extractor. The manipulation with an unknown input leads to a out-of-bounds vulnerability. CWE is classifying the issue as CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. This is going to have an impact on confidentiality.

The weakness was disclosed 11/19/2021. The advisory is shared at corp.mediatek.com. This vulnerability is uniquely identified as CVE-2021-0622 since 11/06/2020. Neither technical details nor an exploit are publicly available.

Applying a patch is able to eliminate this problem.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Chip Software

Vendor

• MediaTek

Name

• MT5522
• MT5527
• MT5597
• MT5598
• MT5599
• MT6580
• MT6735
• MT6737
• MT6739
• MT6750S
• MT6753
• MT6755S
• MT6757
• MT6757C
• MT6757CD
• MT6757CH
• MT6761
• MT6762
• MT6763
• MT6765
• MT6768
• MT6771
• MT6779
• MT6785
• MT6833
• MT6853
• MT6853T
• MT6873
• MT6877
• MT6885
• MT6889
• MT6893
• MT8163
• MT8167
• MT8167S
• MT8168
• MT8173
• MT8175
• MT8183
• MT8185
• MT8195
• MT8321
• MT8362A
• MT8365
• MT8385
• MT8765
• MT8766
• MT8768
• MT8786
• MT8788
• MT8789
• MT8791
• MT8797
• MT9256
• MT9285
• MT9286
• MT9288
• MT9629
• MT9631
• MT9632
• MT9636
• MT9638
• MT9639
• MT9650
• MT9652
• MT9669
• MT9670
• MT9675
• MT9685
• MT9686
• MT9688
• MT9931
• MT9950
• MT9970
• MT9980
• MT9981

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion