| |
Vulnerability CVE-2022-20066
Published: 2022-04-11
Description: |
In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729. |
Type:
CWE-755
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://corp.mediatek.com/product-security-bulletin/April-2022
|
|
|
Copyright 2024, cxsecurity.com
|
|
|