Vulnerability in Mediatek Lr12a
CVE-2022-26446
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interac…
EPSS: 0.011 (60.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
Weakness classification (CWE)
References
- security@mediatek.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-26446?
- CVE-2022-26446 is a high-severity vulnerability in Mediatek Lr12a, classified under Reachable Assertion. CVSS score: 7.5/10. Published 2022-11-08.
- How severe is CVE-2022-26446?
- High severity. CVSS v3 base score is 7.5 out of 10.