CVE-2022-21742

Published Jun 20, 2022
Last updated 2 years ago
CVSS medium 6.5
Overview

Description: Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.
Source: twcert@cert.org.tw
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 2.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-120
twcert@cert.org.tw: CWE-120
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "053B5D66-0B8C-43B6-B9BB-C7453F1538EE",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8926BFFE-126D-42D1-82FE-CFF70A7F8150",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FD09FD-7A22-45A1-A647-C6B74F41C78C",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8156:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A83CFC0-6E14-412E-9801-26759C5FD841"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ABBE52B-89D5-4D35-A5A2-B3C9B4D53F77",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD5CC9A1-F278-49D1-AEFD-36EE4423FC7D",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D14BE40-0C3D-462C-B281-59EC98824EC3",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8156b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B969E23-7613-48AC-A7CB-EE9757031F1B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "593A86CF-4157-48C8-9446-D518AD6B02EA",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5452E510-572F-42C8-9BD2-A198DB6C49D8",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6477CE1-4914-49CF-89E2-D0EA57FD4BC8",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8153:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4516E5A-7F54-456C-8982-45FC3A90F06A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1915ED9-377D-4FF8-BC78-5CD96EF6FD22",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "979193FD-DF79-4C54-9BA3-1EBB0C33ED8B",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1077B900-7D08-430D-9A4B-F898321C55F5",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8153b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02859B5D-AA87-4349-82FE-912FE0CA4F3B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "077F57FD-037A-4E1D-8A12-E13EB264B84B",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2D6DC7D-3D8C-4E34-9E31-C048FE6E46AC",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "526350AE-80DA-4216-995E-EFDCDC512CBA",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8154:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "42FE328C-DA1C-45E1-BC6D-653B7E8C2872"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "884B1F1E-F04E-4561-A555-10A38A3FEF2A",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A8C0FD6-A428-4865-9ACB-5ACC025BBD22",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4537F748-6B0E-475E-8D51-07E9472E9F5B",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8154b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AC2E29AC-D7C3-41C7-9DBD-A433C70E125B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B22F885E-32C6-4DB6-A7E3-20DD86795ECD",
            "versionEndIncluding": "7.53",
            "versionStartIncluding": "7.42"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99FE41B7-E38A-48A1-B412-03F06BD78715",
            "versionEndIncluding": "8.60",
            "versionStartIncluding": "8.49"
          },
          {
            "criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44C96B76-8951-41FA-84FF-993F6187CAE3",
            "versionEndExcluding": "10.50",
            "versionStartIncluding": "10.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:realtek:rtl8152b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "794B2656-570E-4AE4-A852-E55CFC2217C7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
