CVE-2022-32663

HIGH

Mediatek Mt5221 Firmware - NULL Pointer Dereference

Title source: rule

Description

In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.

References (1)

[Vendor Advisory] https://corp.mediatek.com/product-security-bulletin/February-2023

Scores

CVSS v3 7.5

EPSS 0.0120

EPSS Percentile 78.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-476

Status published

Affected Products (22)

mediatek/mt5221_firmware

mediatek/mt7603_firmware

mediatek/mt7613_firmware

mediatek/mt7615_firmware

mediatek/mt7622_firmware

mediatek/mt7628_firmware

mediatek/mt7629_firmware

mediatek/mt7668_firmware

mediatek/mt7902_firmware

mediatek/mt7915_firmware

mediatek/mt7916_firmware

mediatek/mt7921_firmware

mediatek/mt7981_firmware

mediatek/mt7986_firmware

mediatek/mt8167s_firmware

... and 7 more

Timeline

Published Feb 06, 2023

Tracked Since Feb 18, 2026