Vulnerability CVE-2022-26429 - CERT Civis.Net

Vulnerability Name:

CVE-2022-26429 (CCN-232459)

Assigned:

2022-08-01

Published:

2022-08-01

Updated:

2022-08-05

Summary:

In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2022-26429

Source: CCN
Type: MediaTek Web site
August 2022 Product Security Bulletin

Source: MISC
Type: Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/August-2022

Source: XF
Type: UNKNOWN
mediatek-cve202226429-priv-esc(232459)

Vulnerable Configuration:

Configuration 1:

cpe:/o:google:android:11.0:*:*:*:*:*:*:*

OR cpe:/o:google:android:12.0:*:*:*:*:*:*:*

AND

cpe:/h:mediatek:mt6757:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6785:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6779:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6768:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6769:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6761:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6765:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6762:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6771:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6580:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6735:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6739:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6763:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6833:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6853:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6873:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6875:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6877:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6883:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6885:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6889:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6893:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8765:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8766:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8768:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8786:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8788:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6781:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6855:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6879:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6895:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt6983:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8168:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8173:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8185:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8321:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8365:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8385:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8789:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8791:-:*:*:*:*:*:*:*

OR cpe:/h:mediatek:mt8797:-:*:*:*:*:*:*:*

Denotes that component is vulnerable