The rebranded Microsoft Purview platform integrates Microsoft 365 Compliance and Azure Purview, and adds new capabilities and products to help manage data no matter where it resides.

The shift to a hybrid workplace has forced organizations to rapidly adopt cloud technologies and remote access tools to enable ubiquitous connectivity.

That in turn has generated more data than ever before, and organizations are faced with the prospect of securing their data, managing data governance, and keeping up with compliance requirements. Collaboration tools can result in sensitive data leaks if not properly managed. Microsoft announced changes in its data governance platform to help customers see their assets across their entire data estate, along with helping to manage risks and regulatory compliance.

Microsoft has rebranded Azure Purview, which became generally available last fall, to Microsoft Purview and brought over the products that used to make up Microsoft 365 Compliance. Microsoft Purview also features new functionality in Microsoft Purview eDiscovery to improve identification of data stored in Teams; the general availability of Microsoft Purview Data Loss Prevention for macOS; and a preview of the ability to create encrypted documents for iOS and Android platforms.

Microsoft Purview will bring "that chief data officer and their team together with the risk officer, the compliance officer, and \[have\] a unified view and ability to manage data," says Alym Rayani, general manager of compliance and privacy at Microsoft.

For organizations, getting a sense of what data they have is a growing challenge, as is making sure the data isn’t leaving the organization in an unauthorized manner. Data has become the "lifeblood" of how businesses operate, says Rayani, but knowing what the organization has, or where it is even stored, is a growing challenge. The rapid adoption of cloud applications and remote access tool have expanded the data estate. An example would be how more employees are exchanging data using Microsoft Teams — not just in the chat or conversations, but also sharing files.

"Data lives everywhere. There's a lot of it," Rayani says, noting that about 93% of customers told Microsoft they store data across multiple clouds and multiple solutions.

**Understanding the Data**  
Before organizations can do anything about their data, they have to first understand it. Toward that goal, Microsoft expanded its sensitive information type catalog with more than 50 new classifiers, such as those covering patient and healthcare data. There were already 250 classifiers, for data elements such as credit card and Social Security numbers, Rayani says. These classifiers are available for DLP, Information Protection (auto-labeling), Data Lifecycle Management, Insider Risk Management, Records Management, eDiscovery, and Microsoft Priva.

The classifiers are necessary to identify sensitive data, and to allow organizations to create policies that accommodate the specific requirements for each type. There may be patient records that are considered confidential even if payment card numbers or Social Security numbers are not included.

"One of the things we've been hearing from customers is, 'Hey, I need to get a good understanding of my data environment, my data landscape. It lives across a range of systems. It lives in apps. It lives in different platforms,'" Rayani says.

**Governance to the Forefront**  
Microsoft Purview is not just about visibility or classifying data, but can give organizations governance tools that extend all across the data environment. Data leak prevention is one example, but another important area of data governance is insider risk management, Rayani says. While the idea of a malicious insider — the person trying to steal confidential information and intellectual property — is a classic example of insider threat, there is also a lot of the "inadvertent" insider — the one who accidentally exposes data while trying to do their job.

For example, a marketing employee trying to share something over Teams may violate data leak prevention policy. With Microsoft Purview, organizations have tools to warn the user in the moment that there is a policy violation, block the action, and offer an alternative method, such as a secure SharePoint site, Rayani says.

  

    

How each of the products in the Microsoft Purview family are branded. Source: Microsoft

Organizations frequently have to stitch together multiple products to give security, governance, compliance, and legal teams a clear view of what is happening in their environment. Almost 80% of IT decision-makers in the United States purchased multiple products to do so, and a majority had purchased three or more, according to a recent Microsoft survey. This patchwork of products can expose infrastructure gaps and is both costly and complex to manage, Jessica Hawk, Microsoft's corporate vice president of data, AI and mixed reality, wrote on the Azure blog. Microsoft Purview's goal is to provide a unified view to improve security, privacy, and compliance, she wrote.

The company will continue strengthening the integration between Azure products and Microsoft 365, as well as adding new capabilities. For example, sensitivity labels — which designate the data classification — will be consistent across products, and they will be viewable in both Microsoft Purview's compliance portal (formerly Microsoft 365 Compliance) and governance portal (Azure Purview).

"We believe the new way to optimize your data strategy is to deliver a unified view of data in the organization across hybrid, multicloud environments by bringing together the business users of data with the protectors of data," Hawk wrote.

Microsoft Launches Purview Platform to Govern, Protect, and Manage Sensitive Data

In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution.

The following table describes important changes to the XenMobile Server product documentation. To receive notifications about these updates, subscribe to the RSS feed.

Date

Change

Description

15 Sep 2021

Updated articles for the XenMobile Server 10.14 release

For a summary of new and changed features, see What’s new in XenMobile Server 10.14.

27 Apr 2021

Updated description of the Locate security action

See Security actions.

23 Apr 2021

Added an action example

See Automated actions.

01 Apr 2021

Added description of per-app VPN requirements

See VPN device policy.

24 Feb 2021

Added announcment about preparation needed before upgrading endpoints to iOS 14.5

See Before upgrading endpoints to iOS 14.5.

17 Dec 2020

New device policy for controlling how installed managed apps get updated on Android Enterprise

See Automatically update managed apps device policy

18 Nov 2020

Added a workaround for a single sign-on issue related to on-premises Citrix ADC

See Before you upgrade an on-premises Citrix ADC.

26 Oct 2020

Updated articles for the XenMobile Server 10.13 release

For a summary of new and changed features, see What’s new in XenMobile Server 10.13.

02 Jul 2020

Added a timeline and action plan for the deprecation of MDX encryption

See Prepare your Android devices for upcoming changes.

19 Jun 2020

Addressed the terms “blacklist” and “whitelist” in the documentation. Changed to “block list” and “allow list”.

The Endpoint Management console currently includes the terms “blacklist” and “whitelist”. We updated the documentation. We are in the process of changing the terms in the product console for an upcoming release.

04 May 2020

Added a note about new TLS certificate requirements for trusted certificates in iOS, iPadOS, and macOS.

See Certificates.

18 Feb 2020

Updated terminology

Throughout the documentation, updated the NetScaler, NetScaler Gateway, ShareFile, and StorageZones Controller terminology. Some console components might still show the older names.

06 Feb 2020

Updated articles for the XenMobile Server 10.12 release

For a summary of new and changed features, see What’s new in XenMobile Server 10.12.

06 Nov 2019

Added a section about migrating from Apple VPP to ABM or ASM

See Apple Volume Purchase Program migration to Apple Business Manager (ABM) and Apple School Manager (ASM).

04 Sep 2019

Updated articles for the XenMobile Server 10.11 release

For a summary of new and changed features, see What’s new in XenMobile Server 10.11.

15 May 2019

Updated iOS device enrollment section

Added video and updated steps for iOS 12 device enrollment. See Enroll iOS devices.

10 May 2019

New section about Entrust PKI

Added section to the “PKI Entities” article: PKI Entities.

03 Apr 2019

New section for Apple DEP renewal steps

Added section to “Deploy devices through Apple DEP”: Renew your enrollment in the Apple Deployment Program.

02 Apr 2019

Updated articles for the Gateway connector for Exchange ActiveSync 8.5.3 release

For a summary of new and changed features, see What’s new in version 8.5.3.

26 Mar 2019

Updated Secure Hub store name syntax

Added note about the alphanumeric requirement for Store name in App store and Citrix Secure Hub branding.

06 Mar 2019

Updated articles for the Endpoint Management connector for Exchange ActiveSync 10.1.9 release

For a summary of new and changed features, see What’s new in version 10.1.9.

01 Feb 2019

Updated articles for the Endpoint Management connector for Exchange ActiveSync 10.1.8 release

For a summary of new and changed features, see What’s new in version 10.1.8.

23 Jan 2019

Updated Secure Browse terminology

Throughout the documentation, renamed the MDX setting “Secure Browse” to “Tunneled Web SSO”. For information, see App Network Access for iOS and App Network Access for Android.

CVE-2021-44519: Citrix XenMobile Server Document History

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

CVE-2022-29457: ADSelfService Plus Release Notes

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.

**Security Advisories**

**CVE-2022-28870: Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android**

**Description**

Showing old URL in case navigation to new URL fails could lead to address bar spoofing.

**STATUS:** Fixed  

**RISK LEVEL:** Medium

**FIX:** A fix has been released in the automatic update channel since 13th, April, 2022. No user action is required.

**Affected Products**

*   F-Secure SAFE Browser for Android Version 18.6 and below.

**Platforms**

*   All supported platforms of the affected products

**More Information**

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.  

This issue was reported to F-Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

**Credits**

F-Secure Corporation would like to thank Kirtikumar Anandrao Ramchandani for bringing this issue to our attention.

CVE-2022-28870: CVE-2022-28870 | F-Secure

An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the content comes from the attacker controlled site.

**Security Advisories**

**CVE-2022-28868: Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android**

**Description**

Address bar may show next URL for a short period of time, which could potentially lead to address bar spoofing.

**STATUS:** Fixed  

**RISK LEVEL:** Medium

**FIX:** A fix has been released in the automatic update channel since 13th, April 2022. No user action is required.

**Affected Products**

*   F-Secure SAFE Browser for Android Version 18.6 and below

**Platforms**

*   All supported platforms for the affected products

**More Information**

An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the content comes from the attacker controlled site.  

This issue was reported to F-Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

**Credits**

F-Secure Corporation would like to thank Kirtikumar Anandrao Ramchandani for bringing this issue to our attention.

CVE-2022-28868: CVE-2022-28868 | F-Secure

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.

**Security Advisories**

**CVE-2022-28869: Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android**

**Description**

Incomplete display of URL could lead to address bar spoofing. 

**STATUS:** Fixed

**RISK LEVEL:** Medium

**FIX:** A fix has been released in the automatic update channel since 13th April, 2022. No user action is required.

**Affected Products**

*   F-Secure SAFE Browser for Android Version 18.6 and below

**Platforms**

*   All supported platforms for the affected products

**More Information**

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number. 

This issue was reported to F-Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

**Credits**

F-Secure Corporation would like to thank Kirtikumar Anandrao Ramchandani for bringing this issue to our attention.

CVE-2022-28869: CVE-2022-28869 | F-Secure

In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-209607104

_Published April 4, 2022 | Updated April 5, 2022_

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2022-04-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version.

Android partners are notified of all issues at least a month before publication. Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. We will revise this bulletin with the AOSP links when they are available.

The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.

Refer to the Android and Google Play Protect mitigations section for details on the Android security platform protections and Google Play Protect, which improve the security of the Android platform.

**Android and Google service mitigations**

This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.

*   Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.
*   The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.

**2022-04-01 security patch level vulnerability details**

In the sections below, we provide details for each of the security vulnerabilities that apply to the 2022-04-01 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID. Devices with Android 10 and later may receive security updates as well as Google Play system updates.

**Framework**

The most severe vulnerability in this section could lead to local escalation of privilege with no additional execution privileges needed.

    

CVE

References

Type

Severity

Updated AOSP versions

CVE-2021-0694

A-183147114

EoP

High

11

CVE-2021-39794

A-205836329

EoP

High

11, 12, 12L

CVE-2021-39795

A-201667614

EoP

High

11, 12, 12L

CVE-2021-39796

A-205595291

EoP

High

10, 11, 12, 12L

CVE-2021-39797

A-209607104

EoP

High

12, 12L

CVE-2021-39798

A-213169612

EoP

High

12, 12L

CVE-2021-39799

A-200288596

EoP

High

12, 12L

**Media Framework**

The most severe vulnerability in this section could lead to remote information disclosure with no additional execution privileges needed.

    

CVE

References

Type

Severity

Updated AOSP versions

CVE-2021-39803

A-193790350

ID

High

10, 11, 12, 12L

CVE-2021-39804

A-215002587

DoS

High

11, 12, 12L

**System**

The most severe vulnerability in this section could lead to local escalation of privilege with no additional execution privileges needed.

    

CVE

References

Type

Severity

Updated AOSP versions

CVE-2021-39808

A-209966086

EoP

High

10, 11, 12

CVE-2021-39805

A-212694559

ID

High

12, 12L

CVE-2021-39809

A-205837191

ID

High

10, 11, 12, 12L

**Google Play system updates**

The following issues are included in Project Mainline components.

 

Component

CVE

MediaProvider

CVE-2021-39795

Media Codecs

CVE-2021-39803

**2022-04-05 security patch level vulnerability details**

In the sections below, we provide details for each of the security vulnerabilities that apply to the 2022-04-05 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

**System**

The most severe vulnerability in this section could lead to local escalation of privilege from the Guest account with no additional execution privileges needed.

    

CVE

References

Type

Severity

Updated AOSP versions

CVE-2021-39807

A-209446496

EoP

High

10, 11, 12, 12L

**Kernel components**

The most severe vulnerability in this section could lead to local escalation of privilege with no additional execution privileges needed.

    

CVE

References

Type

Severity

Component

CVE-2021-0707

A-155756045  
Upstream kernel

EoP

High

dma-buf

CVE-2021-39801

A-209791720  
Upstream kernel \[2\] \[3\]

EoP

High

ION

CVE-2021-39802

A-213339151  
Upstream kernel \[2\] \[3\] \[4\]

EoP

High

Memory Management

CVE-2021-39800

A-208277166  
Upstream kernel \[2\] \[3\]

ID

High

ION

**MediaTek components**

These vulnerabilities affect MediaTek components and further details are available directly from MediaTek. The severity assessment of these issues is provided directly by MediaTek.

   

CVE

References

Severity

Component

CVE-2022-20081  

A-218242055  
M-ALPS06461919 \*

High

A-GPS

CVE-2021-25477  

A-220262213  
M-MOLY00684727 \*

High

Modem LTE RRC

**Qualcomm components**

These vulnerabilities affect Qualcomm components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.

   

CVE

References

Severity

Component

CVE-2021-35081  

A-213239834  
QC-CR#3028274

Critical

WLAN

CVE-2021-35112  

A-201574693  
QC-CR#3049280

Critical

Display

CVE-2021-35123  

A-213239948  
QC-CR#3032290

Critical

Bluetooth

CVE-2021-30334  

A-213239835  
QC-CR#2963049 \[2\]  
QC-CR#3052789

High

Display

CVE-2021-35091  

A-204905109  
QC-CR#3008877

High

Display

CVE-2021-35095

A-204905206  
QC-CR#2996895

High

Kernel

CVE-2021-35130  

A-213240026  
QC-CR#3057133

High

Display

**Qualcomm closed-source components**

These vulnerabilities affect Qualcomm closed-source components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.

   

CVE

References

Severity

Component

CVE-2021-30339  

A-202025975 \*

Critical

Closed-source component

CVE-2021-30341  

A-202024969 \*

Critical

Closed-source component

CVE-2021-30342  

A-202025860 \*

Critical

Closed-source component

CVE-2021-30343  

A-202025978 \*

Critical

Closed-source component

CVE-2021-30347

A-202025598 \*

Critical

Closed-source component

CVE-2021-35104

A-213240044 \*

Critical

Closed-source component

CVE-2021-30281

A-202025858 \*

High

Closed-source component

CVE-2021-30338  

A-202025859 \*

High

Closed-source component

CVE-2021-30340

A-202025736 \*

High

Closed-source component

CVE-2021-30344

A-192612963\*

High

Closed-source component

CVE-2021-30345

A-202025737\*

High

Closed-source component

CVE-2021-30346

A-202025862 \*

High

Closed-source component

CVE-2021-30349

A-202025797 \*

High

Closed-source component

CVE-2021-30350  

A-202025979 \*

High

Closed-source component

CVE-2021-35070  

A-202025864 \*

High

Closed-source component

CVE-2021-35100

A-213240046 \*

High

Closed-source component

**Common questions and answers**

This section answers common questions that may occur after reading this bulletin.

**1\. How do I determine if my device is updated to address these issues?**

To learn how to check a device's security patch level, see Check and update your Android version.

*   Security patch levels of 2022-04-01 or later address all issues associated with the 2022-04-01 security patch level.
*   Security patch levels of 2022-04-05 or later address all issues associated with the 2022-04-05 security patch level and all previous patch levels.

Device manufacturers that include these updates should set the patch string level to:

*   \[ro.build.version.security\_patch\]:\[2022-04-01\]
*   \[ro.build.version.security\_patch\]:\[2022-04-05\]

For some devices on Android 10 or later, the Google Play system update will have a date string that matches the 2022-04-01 security patch level. Please see this article for more details on how to install security updates.

**2\. Why does this bulletin have two security patch levels?**

This bulletin has two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly. Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level.

*   Devices that use the 2022-04-01 security patch level must include all issues associated with that security patch level, as well as fixes for all issues reported in previous security bulletins.
*   Devices that use the security patch level of 2022-04-05 or newer must include all applicable patches in this (and previous) security bulletins.

Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.

**3\. What do the entries in the _Type_ column mean?**

Entries in the _Type_ column of the vulnerability details table reference the classification of the security vulnerability.

 

Abbreviation

Definition

RCE

Remote code execution

EoP

Elevation of privilege

ID

Information disclosure

DoS

Denial of service

N/A

Classification not available

**4\. What do the entries in the _References_ column mean?**

Entries under the _References_ column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.

 

Prefix

Reference

A-

Android bug ID

QC-

Qualcomm reference number

M-

MediaTek reference number

N-

NVIDIA reference number

B-

Broadcom reference number

U-

UNISOC reference number

**5\. What does an \* next to the Android bug ID in the _References_ column mean?**

Issues that are not publicly available have an \* next to the corresponding reference ID. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.

**6\. Why are security vulnerabilities split between this bulletin and device/partner security bulletins, such as the Pixel bulletin?**

Security vulnerabilities that are documented in this security bulletin are required to declare the latest security patch level on Android devices. Additional security vulnerabilities that are documented in the device/partner security bulletins are not required for declaring a security patch level. Android device and chipset manufacturers may also publish security vulnerability details specific to their products, such as Google, Huawei, LGE, Motorola, Nokia, or Samsung.

**Versions**

  

Version

Date

Notes

1.0

April 4, 2022

Bulletin Published

1.1

April 5, 2022

Bulletin revised to include AOSP links

CVE-2021-39797: Android Security Bulletin—April 2022  |  Android Open Source Project

In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A

_Published April 4, 2022_

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2022-04-05 or later address all issues in this bulletin and all issues in the April 2022 Android Security Bulletin. To learn how to check a device's security patch level, see Check and update your Android version.

All supported Google devices will receive an update to the 2022-04-05 patch level. We encourage all customers to accept these updates to their devices.

**Announcements**

*   In addition to the security vulnerabilities described in the April 2022 Android Security Bulletin, Google devices also contain patches for the security vulnerabilities described below.

**Security patches**

Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

**Kernel components**

   

CVE

References

Type

Severity

Component

CVE-2021-34866

A-217307370  
Upstream kernel

EoP

Moderate

Kernel

**Pixel**

    

CVE

References

Type

Severity

Component

CVE-2021-39812

A-205522359 \*

EoP

High

Camera

CVE-2021-39814

A-216792660 \*

EoP

High

Bootloader

CVE-2020-13844

A-216607118 \*

ID

High

Kernel

**Qualcomm components**

   

CVE

References

Severity

Component

CVE-2021-35071

A-202032183  
QC-CR#3000875

Moderate

WLAN

**Functional patches**

For details on the new bug fixes and functional patches included in this release, refer to the Pixel Community forum.

**Common questions and answers**

This section answers common questions that may occur after reading this bulletin.

**1\. How do I determine if my device is updated to address these issues?**

Security patch levels of 2022-04-05 or later address all issues associated with the 2022-04-05 security patch level and all previous patch levels. To learn how to check a device's security patch level, read the instructions on the Google device update schedule.

**2\. What do the entries in the _Type_ column mean?**

Entries in the _Type_ column of the vulnerability details table reference the classification of the security vulnerability.

 

Abbreviation

Definition

RCE

Remote code execution

EoP

Elevation of privilege

ID

Information disclosure

DoS

Denial of service

N/A

Classification not available

**3\. What do the entries in the _References_ column mean?**

Entries under the _References_ column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.

 

Prefix

Reference

A-

Android bug ID

QC-

Qualcomm reference number

M-

MediaTek reference number

N-

NVIDIA reference number

B-

Broadcom reference number

U-

UNISOC reference number

**4\. What does an \* next to the Android bug ID in the _References_ column mean?**

Issues that are not publicly available have an \* next to the Android bug ID in the _References_ column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.

**5\. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?**

Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin are not required for declaring a security patch level.

**Versions**

  

Version

Date

Notes

1.0

April 4, 2022

Bulletin Released

CVE-2021-39814: Pixel Update Bulletin—April 2022  |  Android Open Source Project

In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.

**April 2022 Product Security Bulletin**

Published 2022-04-06

The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT, Smart display, Smart platform and OTT chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).

****Summary****

Severity

**CVEs**

High

CVE-2022-20081, CVE-2021-25477

Medium

CVE-2022-20062, CVE-2022-20063, CVE-2022-20064, CVE-2022-20065, CVE-2022-20066, CVE-2022-20067, CVE-2022-20052, CVE-2022-20068, CVE-2022-20069, CVE-2022-20070, CVE-2022-20071, CVE-2022-20072, CVE-2022-20073, CVE-2022-20074, CVE-2022-20075, CVE-2022-20076, CVE-2022-20077, CVE-2022-20078, CVE-2022-20079, CVE-2022-20080

****Details****

CVE

**CVE-2022-20081**

Title

Insecure default initialization of resource in A-GPS

Severity

High

Vulnerability Type

ID

CWE

CWE-1188 Insecure Default Initialization of Resource

Description

In A-GPS, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2021-25477**

Title

Double free in Modem LTE RRC

Severity

High

Vulnerability Type

DoS

CWE

CWE-415 Double Free

Description

In Modem LTE RRC, there is a possible memory corruption due to a double free. This could lead to remote denial of service when decoding an incorrect ASN.1 data with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6750S, MT6757, MT6757P, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Modem LR9, LR11, LR12, LR12A, LR13, NR15

CVE

**CVE-2022-20062**

Title

Use after free in mdp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6765, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6885, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20063**

Title

Out-of-bounds write in atf (spm)

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-787 Out-of-bounds Write

Description

In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.

Affected Chipsets

MT6765, MT8385, MT8666, MT8667, MT8766, MT8786, MT8788

Affected Software Versions

Android 9.0, 10.0

CVE

**CVE-2022-20064**

Title

Out-of-bounds read in ccci

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT6985, MT8321, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20065**

Title

Out-of-bounds read in ccci

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6737, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6983, MT8321, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20066**

Title

Improper handling of exceptional conditions in atf (hwfde)

Severity

Medium

Vulnerability Type

ID

CWE

CWE-755 Improper Handling of Exceptional Conditions

Description

In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8168, MT8365, MT8696

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20067**

Title

Improper input validation in mdp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6731, MT6735, MT6739, MT6750, MT6755, MT6755S, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20052**

Title

Use after free in mdp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6737, MT6739, MT6750, MT6753, MT6755, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20068**

Title

Unix symbolic link (symlink) following in mobile\_log\_d

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-61 UNIX Symbolic Link (Symlink) Following

Description

In mobile\_log\_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6731, MT6732, MT6735, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6799, MT6833, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20069**

Title

Integer overflow or wraparound in preloader (usb)

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-190 Integer Overflow or Wraparound

Description

In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20070**

Title

Improper input validation in ssmr

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20071**

Title

Improperly implemented security check for standard in ccu

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-358 Improperly Implemented Security Check for Standard

Description

In ccu, there is a possible escalation of privilege due to a missing certificate validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20072**

Title

Incorrect comparison in search engine service

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-697 Incorrect Comparison

Description

In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6737, MT6739, MT6753, MT6755, MT6755S, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20073**

Title

Integer underflow (wrap or wraparound) in preloader (usb)

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-191 Integer Underflow (Wrap or Wraparound)

Description

In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Chipsets

MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20074**

Title

Out-of-bounds read in preloader (partition)

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-125 Out-of-bounds Read

Description

In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Chipsets

MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20075**

Title

Integer overflow or wraparound in ged

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-190 Integer Overflow or Wraparound

Description

In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392\_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20076**

Title

Improper handling of exceptional conditions in ged

Severity

Medium

Vulnerability Type

ID

CWE

CWE-755 Improper Handling of Exceptional Conditions

Description

In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392\_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20077**

Title

Concurrent execution using shared resource with improper synchronization ('race condition') in vow

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Description

In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20078**

Title

Concurrent execution using shared resource with improper synchronization ('race condition') in vow

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Description

In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20079**

Title

Improper input validation in vow

Severity

Medium

Vulnerability Type

ID

CWE

CWE-20 Improper Input Validation

Description

In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20080**

Title

Concurrent execution using shared resource with improper synchronization ('race condition') in SUB2AF

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Description

In SUB2AF, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6737, MT6739, MT6753, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8168, MT8321, MT8365, MT8666, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797

Affected Software Versions

Android 9.0, 10.0, 11.0, 12.0

****Vulnerability Type Definition****

Abbreviation

**Definition**

RCE

Remote Code Execution

EoP

Elevation of Privilege

ID

Information Disclosure

DoS

Denial of Service

N/A

Classification not available

****Versions****

**Version**

**Date**

**Description**

1.0

April 6, 2022

Bulletin published.

****Notes****

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.

Tag

#android