Vulnerability in Mediatek Lr12a

CVE-2022-26446

In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interac…

EPSS: 0.011 (60.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-26446?
CVE-2022-26446 is a high-severity vulnerability in Mediatek Lr12a, classified under Reachable Assertion. CVSS score: 7.5/10. Published 2022-11-08.
How severe is CVE-2022-26446?
High severity. CVSS v3 base score is 7.5 out of 10.