CVE-2022-26447: Mediatek Chipsets code execution vulnerability
![CVE-2022-26447](https://b3442631.smushcdn.com/3442631/wp-content/uploads/2022/09/Mediatek.jpg?lossy=1&strip=1&webp=1)
Multi-security vulnerabilities have been disclosed in the Mediatek chipsets that, if left unresolved, could allow an adversary to remotely execute arbitrary code on the system from affected mobile devices.
![CVE-2022-26447](https://b3442631.smushcdn.com/3442631/wp-content/uploads/2022/09/Mediatek.jpg?lossy=1&strip=1&webp=1)
On the September security patch, Mediatek fixed multiple privilege escalation and information disclosure security flaws: CVE-2022-26449, CVE-2022-26450, CVE-2022-26451, CVE-2022-26453, CVE-2022-26454, CVE-2022-26455, CVE-2022-26456, CVE-2022-26457, CVE-2022-26458, CVE-2022-26459, CVE-2022-26460, CVE-2022-26461, CVE-2022-26462, CVE-2022-26463, CVE-2022-26464, CVE-2022-26465, CVE-2022-26466, CVE-2022-26467, CVE-2022-26468, CVE-2022-26469, CVE-2022-26470.
Mediatek Chipsets could allow a local authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit these vulnerabilities to gain elevated privileges and obtain sensitive information.