CRITICAL🇵🇱 Wersja polska

CVE-2022-26437

CVSS 9.8v3.1pub. 2022-08-01upd. 2024-11-21

In httpclient, there is a possible out of bounds write due to uninitialized data. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WSAP00103831; Issue ID: WSAP00103831.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mediatek Mt2621

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt2625

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Nbiot Sdk

    APP
    Mediatek
    2.8.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-20407CRITICAL9.3PL ✓ten sam produkt

Privilege escalation w sterowniku WLAN STA MediaTek — brak bounds check

CVE-2025-20680CRITICAL9.8PL ✓ten sam produkt

MediaTek Bluetooth – heap buffer overflow umożliwiający privilege escalation

CVE-2026-20423HIGH7.8ten sam produkt

In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to ...

CVE-2026-20436MEDIUM6.7ten sam produkt

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead...

CVE-2026-20419MEDIUM6.5ten sam produkt

In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This c...