All the vulnerabilites related to mediatek - mt6980d
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01128524; ID del problema: MOLY01128524 (MSV-846)."
}
],
"id": "CVE-2023-32841",
"lastModified": "2024-11-21T08:04:09.867",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.347",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01128524; ID del problema: MOLY01130183 (MSV-850)."
}
],
"id": "CVE-2023-32844",
"lastModified": "2024-11-21T08:04:10.253",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.510",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12318A0A-16CD-48A5-98A4-373070734642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963)."
},
{
"lang": "es",
"value": "En el modem EMM, existe un posible fallo del sistema debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01183647; ID del problema: MOLY01183647 (MSV-963)."
}
],
"id": "CVE-2023-32890",
"lastModified": "2024-11-21T08:04:16.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-01-02T03:15:08.587",
"references": [
{
"source": "security@mediatek.com",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01130204; ID del problema: MOLY01130204 (MSV-849)."
}
],
"id": "CVE-2023-32843",
"lastModified": "2024-11-21T08:04:10.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.463",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894)."
},
{
"lang": "es",
"value": "En Modem IMS Call UA, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01161830; ID del problema: MOLY01161830 (MSV-894)."
}
],
"id": "CVE-2023-32888",
"lastModified": "2024-11-21T08:04:16.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.493",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01128524; ID del problema: MOLY01139296 (MSV-860)."
}
],
"id": "CVE-2023-32845",
"lastModified": "2024-11-21T08:04:10.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.567",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01130256; ID del problema: MOLY01130256 (MSV-848)."
}
],
"id": "CVE-2023-32842",
"lastModified": "2024-11-21T08:04:10.000",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.417",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12318A0A-16CD-48A5-98A4-373070734642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893)."
},
{
"lang": "es",
"value": "En Modem IMS Stack, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01161803; ID del problema: MOLY01161803 (MSV-893)."
}
],
"id": "CVE-2023-32874",
"lastModified": "2024-11-21T08:04:14.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:07.833",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
"matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807."
},
{
"lang": "es",
"value": "En el m\u00f3dem IMS SMS UA, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY00730807; ID del problema: MOLY00730807."
}
],
"id": "CVE-2023-32886",
"lastModified": "2024-11-21T08:04:16.400",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.400",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12318A0A-16CD-48A5-98A4-373070734642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559."
},
{
"lang": "es",
"value": "En el servicio Bluetooth, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07933038; ID del problema: MSV-559."
}
],
"id": "CVE-2023-32891",
"lastModified": "2024-11-21T08:04:17.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.633",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892)."
},
{
"lang": "es",
"value": "En Modem IMS Stack, existe un posible fallo del sistema debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01161837; ID del problema: MOLY01161837 (MSV-892)."
}
],
"id": "CVE-2023-32887",
"lastModified": "2024-11-21T08:04:16.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.450",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7122918-8C44-4F24-82E4-B8448247FC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)."
},
{
"lang": "es",
"value": "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01128524; ID del problema: MOLY01138453 (MSV-861)."
}
],
"id": "CVE-2023-32846",
"lastModified": "2024-11-21T08:04:10.520",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.613",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rdkcentral:rdkb:2022q3:*:*:*:*:*:*:*",
"matchCriteriaId": "295DD4FC-E943-412D-A63E-260C0F3887FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
}
],
"id": "CVE-2023-20726",
"lastModified": "2024-11-21T07:41:25.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.433",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 08:04
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1BE913-70AE-49FE-99E9-E996165DF79D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D4D6DB-C22A-470D-B799-651E7FB9B602",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB690F5A-9367-45D3-A53E-80BF60053630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6430E-840D-447F-892E-EA4FD7F69BAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00B6513-EDB2-4303-9648-17ECD6DA2083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862)."
},
{
"lang": "es",
"value": "En modem CCCI, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. Tambi\u00e9n puede ser necesaria la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: MOLY01138425; ID del problema: MOLY01138425 (MSV-862)."
}
],
"id": "CVE-2023-32840",
"lastModified": "2024-11-21T08:04:09.620",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-11-06T04:15:08.097",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
cve-2023-32886
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:50:00.224Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32886",
"datePublished": "2024-01-02T02:50:00.224Z",
"dateReserved": "2023-05-16T03:04:32.173Z",
"dateUpdated": "2024-08-02T15:32:46.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32845
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-28 19:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:45.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2735",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2737",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6297",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6298",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6813",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6815",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6835",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6853",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6855",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6873",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6875",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6875t",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6880",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6883",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6885",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6889",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6890",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6891",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6893",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895t",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6896",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6897",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6980",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6980d",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6989",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6990",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "modem_nr15_nr16_nr17"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32845",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T18:53:53.230062Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:32:20.281Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:46:04.973Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32845",
"datePublished": "2023-12-04T03:46:04.973Z",
"dateReserved": "2023-05-16T03:04:32.154Z",
"dateUpdated": "2024-08-28T19:32:20.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32846
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:46:06.378Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32846",
"datePublished": "2023-12-04T03:46:06.378Z",
"dateReserved": "2023-05-16T03:04:32.155Z",
"dateUpdated": "2024-08-02T15:32:46.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32844
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:46:03.547Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32844",
"datePublished": "2023-12-04T03:46:03.547Z",
"dateReserved": "2023-05-16T03:04:32.153Z",
"dateUpdated": "2024-08-02T15:32:46.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32890
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788 |
Version: Modem LR12A |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2731",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6767",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6768",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769t",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769z",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8667",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
},
{
"status": "affected",
"version": "LR13"
},
{
"status": "affected",
"version": "NR15"
},
{
"status": "affected",
"version": "NR16"
},
{
"status": "affected",
"version": "NR17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32890",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T20:40:04.105133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:22.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem LR12A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-01T02:34:52.152Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32890",
"datePublished": "2024-01-02T02:50:07.545Z",
"dateReserved": "2023-05-16T03:04:32.174Z",
"dateUpdated": "2024-08-02T15:32:46.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32888
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:50:03.942Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32888",
"datePublished": "2024-01-02T02:50:03.942Z",
"dateReserved": "2023-05-16T03:04:32.174Z",
"dateUpdated": "2024-08-02T15:32:46.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32874
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990 |
Version: Modem LR13 NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem LR13 NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:38.153Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32874",
"datePublished": "2024-01-02T02:49:38.153Z",
"dateReserved": "2023-05-16T03:04:32.171Z",
"dateUpdated": "2024-08-02T15:32:46.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32841
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:45:59.231Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32841",
"datePublished": "2023-12-04T03:45:59.231Z",
"dateReserved": "2023-05-16T03:04:32.153Z",
"dateUpdated": "2024-08-02T15:32:46.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32843
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:46:02.107Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32843",
"datePublished": "2023-12-04T03:46:02.107Z",
"dateReserved": "2023-05-16T03:04:32.153Z",
"dateUpdated": "2024-08-02T15:32:46.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32891
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8173, MT8175, MT8188, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8786, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8173, MT8175, MT8188, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8786, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:50:11.129Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32891",
"datePublished": "2024-01-02T02:50:11.129Z",
"dateReserved": "2023-05-16T03:04:32.175Z",
"dateUpdated": "2024-08-02T15:32:46.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32840
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-09-05 15:06
Severity ?
EPSS score ?
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Modem LR12A, NR15, NR16, VMOLYN, NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:44.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2731",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2735",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6731",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6739",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6761",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6762",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6763",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6767",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769z",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6771",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6771t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6813",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833p",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6835",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6853",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6853t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6855",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6873",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6875",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6878",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6880",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6883",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6885",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6889",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6890",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6891",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6893",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6896",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6897",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6980",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6980d",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983w",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983z",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6989",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6990",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8667",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8673",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8675",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8798",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32840",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T15:06:09.151529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T15:06:29.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem LR12A, NR15, NR16, VMOLYN, NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-06T03:50:57.414Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32840",
"datePublished": "2023-11-06T03:50:57.414Z",
"dateReserved": "2023-05-16T03:04:32.153Z",
"dateUpdated": "2024-09-05T15:06:29.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20726
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20726",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32842
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:44.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:46:00.658Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32842",
"datePublished": "2023-12-04T03:46:00.658Z",
"dateReserved": "2023-05-16T03:04:32.153Z",
"dateUpdated": "2024-08-02T15:32:44.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32887
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:50:02.182Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32887",
"datePublished": "2024-01-02T02:50:02.182Z",
"dateReserved": "2023-05-16T03:04:32.174Z",
"dateUpdated": "2024-08-02T15:32:46.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}