CVE-2022-26448
Description
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07063849; Issue ID: ALPS07063849.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Out-of-bounds write in apusys could allow local escalation of privilege with System execution privileges.
Vulnerability
In apusys, there is a possible out-of-bounds write due to a missing bounds check. This vulnerability affects MediaTek chipsets as listed in the September 2022 security bulletin [1]. The issue is identified by patch ID ALPS07063849.
Exploitation
An attacker with System execution privileges can exploit this missing bounds check to perform an out-of-bounds write. No user interaction is required for exploitation.
Impact
Successful exploitation could lead to local escalation of privilege, potentially allowing the attacker to execute arbitrary code at a higher privilege level.
Mitigation
The vulnerability is addressed in the September 2022 MediaTek security bulletin [1]. Device OEMs have been notified and patches are available. Users should apply the update from their device manufacturer.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- MediaTek, Inc./MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893v5Range: Android 11.0, 12.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- corp.mediatek.com/product-security-bulletin/September-2022mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.