CVE-2022-32663

HIGH

MediaTek Wi-Fi Driver - Unauthenticated Denial of Service via Null Pointer Dereference

Title source: llm

Description

In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.

References (1)

Core 1

Core References

Vendor Advisory

https://corp.mediatek.com/product-security-bulletin/February-2023

Scores

CVSS v3 7.5

EPSS 0.0120

EPSS Percentile 79.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (22)

mediatek/mt5221_firmware 7.6.6.1

mediatek/mt7603_firmware 7.6.6.1

mediatek/mt7613_firmware 7.6.6.1

mediatek/mt7615_firmware 7.6.6.1

mediatek/mt7622_firmware 7.6.6.1

mediatek/mt7628_firmware 7.6.6.1

mediatek/mt7629_firmware 7.6.6.1

mediatek/mt7668_firmware 7.6.6.1

mediatek/mt7902_firmware 7.6.6.1

mediatek/mt7915_firmware 7.6.6.1

... and 12 more

Published Feb 06, 2023

Tracked Since Feb 18, 2026