CVE-2022-32663

Q: What is the severity of CVE-2022-32663?

CVE-2022-32663 has a CVSS score of 7.5 (HIGH). This vulnerability in MediaTek Wi-Fi drivers allows remote attackers to crash affected systems by exploiting a null pointer dereference. It affects devices using vulnerable MediaTek Wi-Fi chipsets, requiring no user interaction or special privileges. The exploit leads to denial of service through system crashes.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in MediaTek Wi-Fi drivers allows remote attackers to crash affected systems by exploiting a null pointer dereference. It affects devices using vulnerable MediaTek Wi-Fi chipsets, requiring no user interaction or special privileges. The exploit leads to denial of service through system crashes.

💻 Affected Systems

Products:

MediaTek Wi-Fi chipset devices
Smartphones, tablets, IoT devices with MediaTek Wi-Fi

Versions: Specific driver versions not publicly detailed; affected by patch ID GN20220720014

Operating Systems: Android, Linux-based systems using MediaTek Wi-Fi drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Wi-Fi enabled; exact product list requires checking MediaTek security bulletins.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent system crash requiring physical reboot, potentially disrupting critical operations on affected devices.

🟠

Likely Case

Temporary denial of service with automatic recovery after system restart, causing service interruptions.

🟢

If Mitigated

No impact if patched or if vulnerable Wi-Fi drivers are not exposed to untrusted networks.

🌐 Internet-Facing: HIGH - Remote exploitation without authentication makes internet-facing devices particularly vulnerable.

🏢 Internal Only: MEDIUM - Internal network devices are still vulnerable to attacks from compromised internal hosts.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

No authentication required and no user interaction needed makes exploitation straightforward for attackers with network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Driver versions containing patch ID GN20220720014

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/February-2023

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply manufacturer-provided security patches. 3. Reboot device after patching. 4. Verify Wi-Fi functionality post-update.

🔧 Temporary Workarounds

Disable Wi-Fi

all

Temporarily disable Wi-Fi functionality to prevent exploitation.

adb shell svc wifi disable
nmcli radio wifi off

Network Segmentation

all

Isolate affected devices on separate VLANs with strict firewall rules.

🧯 If You Can't Patch

Segment affected devices on isolated networks with strict access controls.
Implement network monitoring for abnormal Wi-Fi driver crashes or restart patterns.

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer security bulletins; examine Wi-Fi driver version if accessible.

Check Version:

Manufacturer-specific commands vary; generally check Settings > About Phone > Build Number on Android devices.

Verify Fix Applied:

Verify patch ID GN20220720014 is present in system updates or driver version information.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Wi-Fi driver crash reports
System reboot events without user action

Network Indicators:

Unexpected Wi-Fi disconnections across multiple devices
Malformed Wi-Fi packets targeting driver vulnerabilities

SIEM Query:

source="kernel" AND "panic" OR "Wi-Fi driver crash" OR "null pointer dereference"

📊 Metadata

CVE ID: CVE-2022-32663

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: February 6, 2023

Last Updated: March 26, 2025

🔗 References

https://corp.mediatek.com/product-security-bulletin/February-2023 Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/February-2023 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Mt5221 Firmware by Mediatek

Mt7603 Firmware by Mediatek

Mt7613 Firmware by Mediatek

Mt7615 Firmware by Mediatek

Mt7622 Firmware by Mediatek

Mt7628 Firmware by Mediatek

Mt7629 Firmware by Mediatek

Mt7668 Firmware by Mediatek

Mt7902 Firmware by Mediatek

Mt7915 Firmware by Mediatek

Mt7916 Firmware by Mediatek

Mt7921 Firmware by Mediatek

Mt7981 Firmware by Mediatek

Mt7986 Firmware by Mediatek

Mt8167s Firmware by Mediatek

Mt8175 Firmware by Mediatek

Mt8362a Firmware by Mediatek

Mt8365 Firmware by Mediatek

Mt8385 Firmware by Mediatek

Mt8518s Firmware by Mediatek

Mt8532 Firmware by Mediatek

Mt8788 Firmware by Mediatek