{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T21:04:41.884","vulnerabilities":[{"cve":{"id":"CVE-2022-32618","sourceIdentifier":"security@mediatek.com","published":"2022-11-08T21:15:15.660","lastModified":"2025-05-01T19:15:51.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454."},{"lang":"es","value":"En Typec, existe una posible escritura fuera de límites debido a un cálculo incorrecto del tamaño del búfer. Esto podría provocar una escalada local de privilegios para un atacante que tenga acceso físico al dispositivo, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07262454; ID del problema: ALPS07262454."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-131"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*","matchCriteriaId":"F8FB8EE9-FC56-4D5E-AE55-A5967634740C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*","matchCriteriaId":"879FFD0C-9B38-4CAA-B057-1086D794D469"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*","matchCriteriaId":"9814939B-F05E-4870-90C0-7C0F6BAAEB39"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*","matchCriteriaId":"F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*","matchCriteriaId":"213B5C7F-D965-4312-9CDF-4F06FA77D401"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*","matchCriteriaId":"637CAAD2-DCC0-4F81-B781-5D0536844CA8"}]}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/November-2022","source":"security@mediatek.com","tags":["Vendor Advisory"]},{"url":"https://corp.mediatek.com/product-security-bulletin/November-2022","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}