PT-2021-5745 · Mediatek · Mt7628+7

Published

2021-12-25

Updated

2022-01-06

CVE-2021-37565

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:P

Name of the Vulnerable Software and Affected Versions MediaTek microchips versions 2.0.2

Description The issue is related to the mishandling of IEEE 1905 protocols in MediaTek microchips, which can lead to an out-of-bounds read. This can potentially allow a remote attacker to cause a denial of service. The affected chipsets include MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, and MT7915.

Recommendations For version 2.0.2, consider disabling the handling of IEEE 1905 protocols as a temporary workaround until a patch is available. Restrict access to the vulnerable chipsets to minimize the risk of exploitation. Avoid using the affected software versions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2022-00188

CVE-2021-37565

Affected Products

Mt7603E

Mt7613

Mt7615

Mt7622

Mt7628

Mt7629

Mt7915

Mediatek Microchips

PT-2021-5745 · Mediatek · Mt7628+7

CVE-2021-37565

Weakness Enumeration

Related Identifiers

Affected Products

References · 8