All the vulnerabilites related to mediatek - mt8385
cve-2023-20790
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-10-17 14:35
Severity ?
EPSS score ?
Summary
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:35:07.250648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:35:32.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT2735, MT2737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / OpenWrt 19.07, 21.02 / RDK-B 22Q3 / Yocto 2.6, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:22.382Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20790",
"datePublished": "2023-08-07T03:21:22.382Z",
"dateReserved": "2022-10-28T02:03:10.778Z",
"dateUpdated": "2024-10-17T14:35:32.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20731
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-08 14:59
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167, MT8167S, MT8173, MT8175, MT8195, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8666, MT8695, MT8781, MT8788 |
Version: Android 12.0, 13.0 / Yocto 3.1,3.3,4.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T14:59:39.633328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T14:59:48.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167, MT8167S, MT8173, MT8175, MT8195, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8666, MT8695, MT8781, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1,3.3,4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:13.200Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20731",
"datePublished": "2023-06-06T12:11:13.200Z",
"dateReserved": "2022-10-28T02:03:10.767Z",
"dateUpdated": "2025-01-08T14:59:48.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0624
Vulnerability from cvelistv5
Published
2021-11-18 14:55
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:55:53",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0624",
"datePublished": "2021-11-18T14:55:53",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20659
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20659",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20010
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T05:59:30.948Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20010",
"datePublished": "2024-02-05T05:59:30.948Z",
"dateReserved": "2023-11-02T13:35:35.148Z",
"dateUpdated": "2024-08-01T21:52:31.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20653
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20653",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20074
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20074",
"datePublished": "2022-04-11T19:38:06",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0619
Vulnerability from cvelistv5
Published
2021-11-18 14:54
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6739, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:54:43",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6739, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0619",
"datePublished": "2021-11-18T14:54:43",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20613
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20613",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:36.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20040
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:44",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20040",
"datePublished": "2022-02-09T22:05:44",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21757
Vulnerability from cvelistv5
Published
2022-06-06 17:39
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6877, MT6885, MT6889, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6877, MT6885, MT6889, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:39:47",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6877, MT6885, MT6889, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21757",
"datePublished": "2022-06-06T17:39:47",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20754
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 17:20
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:20:28.578341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:20:42.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:02.816Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20754",
"datePublished": "2023-07-04T01:44:02.816Z",
"dateReserved": "2022-10-28T02:03:10.771Z",
"dateUpdated": "2024-12-04T17:20:42.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20026
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:33",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20026",
"datePublished": "2022-02-09T22:05:33",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20692
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:25
Severity ?
EPSS score ?
Summary
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788 |
Version: Android 11.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:25:39.028316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:25:55.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:53.735Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20692",
"datePublished": "2023-07-04T01:44:53.735Z",
"dateReserved": "2022-10-28T02:03:10.755Z",
"dateUpdated": "2024-12-04T16:25:55.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20654
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20654",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20655
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2715, MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2715, MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20655",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20021
Vulnerability from cvelistv5
Published
2022-01-04 15:57
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:57:13",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20021",
"datePublished": "2022-01-04T15:57:13",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20605
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:45.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20605",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:45.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20656
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20656",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21750
Vulnerability from cvelistv5
Published
2022-06-06 17:36
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:36:37",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21750",
"datePublished": "2022-06-06T17:36:37",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32827
Vulnerability from cvelistv5
Published
2023-10-02 02:05
Modified
2024-09-21 15:23
Severity ?
EPSS score ?
Summary
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6989",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167s",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8168",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8173",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8175",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8185",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8188",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8195",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8321",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8362a",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8365",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8390",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8395",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8673",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8675",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8798",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "13.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-21T15:22:10.766198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-21T15:23:18.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-02T02:05:38.331Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32827",
"datePublished": "2023-10-02T02:05:38.331Z",
"dateReserved": "2023-05-16T03:04:32.150Z",
"dateUpdated": "2024-09-21T15:23:18.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32850
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-12-02 17:54
Severity ?
EPSS score ?
Summary
In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-06T20:51:33.900435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T17:54:10.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:45:44.887Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32850",
"datePublished": "2023-12-04T03:45:44.887Z",
"dateReserved": "2023-05-16T03:04:32.157Z",
"dateUpdated": "2024-12-02T17:54:10.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32872
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:36.395Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32872",
"datePublished": "2024-01-02T02:49:36.395Z",
"dateReserved": "2023-05-16T03:04:32.164Z",
"dateUpdated": "2024-08-02T15:32:46.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20059
Vulnerability from cvelistv5
Published
2022-03-09 17:03
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:03:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20059",
"datePublished": "2022-03-09T17:03:00",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26470
Vulnerability from cvelistv5
Published
2022-09-06 17:19
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/September-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6879, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6879, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:19:08",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26470",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6879, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789",
"version": {
"version_data": [
{
"version_value": "Android 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/September-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26470",
"datePublished": "2022-09-06T17:19:08",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20755
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 17:21
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:20:57.998358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:21:10.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:05.320Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20755",
"datePublished": "2023-07-04T01:44:05.320Z",
"dateReserved": "2022-10-28T02:03:10.771Z",
"dateUpdated": "2024-12-04T17:21:10.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32807
Vulnerability from cvelistv5
Published
2023-09-04 02:28
Modified
2024-10-08 20:12
Severity ?
EPSS score ?
Summary
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT8167, MT8168, MT8173, MT8183, MT8321, MT8365, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788 |
Version: Android 13.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:00:23.201074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:12:19.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT8167, MT8168, MT8173, MT8183, MT8321, MT8365, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:28:12.386Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32807",
"datePublished": "2023-09-04T02:28:12.386Z",
"dateReserved": "2023-05-16T03:04:32.145Z",
"dateUpdated": "2024-10-08T20:12:19.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20716
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 18:47
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T18:47:19.355789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:47:27.258Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:59.153Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20716",
"datePublished": "2023-06-06T12:11:59.153Z",
"dateReserved": "2022-10-28T02:03:10.760Z",
"dateUpdated": "2025-01-07T18:47:27.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21767
Vulnerability from cvelistv5
Published
2022-07-06 13:05
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:05:46",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21767",
"datePublished": "2022-07-06T13:05:46",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20035
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:40",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20035",
"datePublished": "2022-02-09T22:05:40",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20675
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20675",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0620
Vulnerability from cvelistv5
Published
2021-11-18 14:54
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:54:52",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0620",
"datePublished": "2021-11-18T14:54:52",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20024
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:31",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20024",
"datePublished": "2022-02-09T22:05:31",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20670
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2715, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8188, MT8195, MT8321, MT8365, MT8385, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2715, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8188, MT8195, MT8321, MT8365, MT8385, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20670",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0674
Vulnerability from cvelistv5
Published
2021-12-17 16:10
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 8.1, 9.0, 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:17",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0674",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/December-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0674",
"datePublished": "2021-12-17T16:10:17",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32641
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32641",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26447
Vulnerability from cvelistv5
Published
2022-09-06 17:19
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/September-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8385, MT8518, MT8532, MT8765, MT8788 |
Version: Android 10.0, 11.0, 12.0 and Yocto 3.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8385, MT8518, MT8532, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0 and Yocto 3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:19:04",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8385, MT8518, MT8532, MT8765, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0 and Yocto 3.1"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/September-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26447",
"datePublished": "2022-09-06T17:19:04",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21776
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797, MT8798 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:07:25",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797, MT8798",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21776",
"datePublished": "2022-07-06T13:07:25",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20093
Vulnerability from cvelistv5
Published
2024-10-07 02:35
Modified
2024-10-27 02:39
Severity ?
EPSS score ?
Summary
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-20093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T13:42:44.263959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T02:39:40.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T02:35:11.241Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20093",
"datePublished": "2024-10-07T02:35:11.241Z",
"dateReserved": "2023-11-02T13:35:35.174Z",
"dateUpdated": "2024-10-27T02:39:40.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32822
Vulnerability from cvelistv5
Published
2023-10-02 02:05
Modified
2024-09-23 15:23
Severity ?
EPSS score ?
Summary
In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6833, MT6835, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2713",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6739",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6761",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6762",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6769",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6771",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6779",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6835",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6855",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6883",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6885",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6889",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6891",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6893",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167s",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8168",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8175",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8188",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8195",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8321",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8362a",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8365",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8390",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8798",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "13.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T15:21:42.816055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T15:23:49.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6833, MT6835, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-02T02:05:31.556Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32822",
"datePublished": "2023-10-02T02:05:31.556Z",
"dateReserved": "2023-05-16T03:04:32.148Z",
"dateUpdated": "2024-09-23T15:23:49.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20708
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20708",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32883
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:54.424Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32883",
"datePublished": "2024-01-02T02:49:54.424Z",
"dateReserved": "2023-05-16T03:04:32.173Z",
"dateUpdated": "2024-08-02T15:32:46.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21743
Vulnerability from cvelistv5
Published
2022-05-03 20:06
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:06:47",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21743",
"datePublished": "2022-05-03T20:06:47",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32597
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32597",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20682
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6580, MT6735, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6983, MT7663, MT7668, MT7902, MT7921, MT7933, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6580, MT6735, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6983, MT7663, MT7668, MT7902, MT7921, MT7933, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20682",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0623
Vulnerability from cvelistv5
Published
2021-11-18 14:55
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8186, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8186, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:55:44",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8186, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0623",
"datePublished": "2021-11-18T14:55:44",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32638
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6781, MT6833, MT6853, MT6855, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6781, MT6833, MT6853, MT6855, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32638",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20660
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20660",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20712
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 18:57
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T18:57:16.368401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:57:23.335Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:55.253Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20712",
"datePublished": "2023-06-06T12:11:55.253Z",
"dateReserved": "2022-10-28T02:03:10.760Z",
"dateUpdated": "2025-01-07T18:57:23.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32889
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990 |
Version: Modem NR15, NR16, and NR17 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem NR15, NR16, and NR17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:50:05.797Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32889",
"datePublished": "2024-01-02T02:50:05.797Z",
"dateReserved": "2023-05-16T03:04:32.174Z",
"dateUpdated": "2024-08-02T15:32:46.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20833
Vulnerability from cvelistv5
Published
2023-09-04 02:27
Modified
2024-10-28 01:35
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T14:08:35.400557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T01:35:33.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:27:37.358Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20833",
"datePublished": "2023-09-04T02:27:37.358Z",
"dateReserved": "2022-10-28T02:03:23.685Z",
"dateUpdated": "2024-10-28T01:35:33.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20041
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108596; Issue ID: ALPS06108596.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108596; Issue ID: ALPS06108596."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:45",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108596; Issue ID: ALPS06108596."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20041",
"datePublished": "2022-02-09T22:05:45",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32633
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0, 13.0 and Yocto 3.1,3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 and Yocto 3.1,3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32633",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20693
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:26
Severity ?
EPSS score ?
Summary
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6895, MT6983, MT8167, MT8168, MT8195, MT8321, MT8365, MT8385, MT8666, MT8765, MT8781, MT8788 |
Version: Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:26:15.420254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:26:25.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6895, MT6983, MT8167, MT8168, MT8195, MT8321, MT8365, MT8385, MT8666, MT8765, MT8781, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:56.418Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20693",
"datePublished": "2023-07-04T01:44:56.418Z",
"dateReserved": "2022-10-28T02:03:10.755Z",
"dateUpdated": "2024-12-04T16:26:25.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21751
Vulnerability from cvelistv5
Published
2022-06-06 17:36
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6771, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6771, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:36:59",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6771, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21751",
"datePublished": "2022-06-06T17:36:59",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21753
Vulnerability from cvelistv5
Published
2022-06-06 17:38
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:38:16",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21753",
"datePublished": "2022-06-06T17:38:16",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20067
Vulnerability from cvelistv5
Published
2022-04-11 19:37
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6731, MT6735, MT6739, MT6750, MT6755, MT6755S, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6731, MT6735, MT6739, MT6750, MT6755, MT6755S, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:37:59",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6731, MT6735, MT6739, MT6750, MT6755, MT6755S, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20067",
"datePublished": "2022-04-11T19:37:59",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32640
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32640",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20028
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:34",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20028",
"datePublished": "2022-02-09T22:05:34",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20058
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:55",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20058",
"datePublished": "2022-03-09T17:02:55",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20676
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20676",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20023
Vulnerability from cvelistv5
Published
2022-01-04 15:57
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:57:24",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20023",
"datePublished": "2022-01-04T15:57:24",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20017
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:38",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6765, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20017",
"datePublished": "2022-02-09T22:05:38",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32884
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8192, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8696, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8192, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8696, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:56.354Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32884",
"datePublished": "2024-01-02T02:49:56.354Z",
"dateReserved": "2023-05-16T03:04:32.173Z",
"dateUpdated": "2024-08-02T15:32:46.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32631
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6895, MT6983, MT8168, MT8365, MT8385, MT8666, MT8667, MT8675, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0, 13.0 and Yocto 3.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6895, MT6983, MT8168, MT8365, MT8385, MT8666, MT8667, MT8675, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 and Yocto 3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32631",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20782
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-10-17 14:39
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:38:38.683318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:39:18.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:04.622Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20782",
"datePublished": "2023-08-07T03:21:04.622Z",
"dateReserved": "2022-10-28T02:03:10.776Z",
"dateUpdated": "2024-10-17T14:39:18.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32592
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6855, MT6879, MT6895, MT6983, MT8185, MT8321, MT8385, MT8518, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8789 |
Version: Android 11.0, 12.0 and Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6855, MT6879, MT6895, MT6983, MT8185, MT8321, MT8385, MT8518, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 and Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32592",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32826
Vulnerability from cvelistv5
Published
2023-10-02 02:05
Modified
2024-09-21 15:26
Severity ?
EPSS score ?
Summary
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6989",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167s",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8168",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8173",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8175",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8185",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8188",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8195",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8321",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8362a",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8365",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8390",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8395",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8673",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8675",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8798",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "13.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-21T15:23:55.667162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-21T15:26:13.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-02T02:05:36.578Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32826",
"datePublished": "2023-10-02T02:05:36.578Z",
"dateReserved": "2023-05-16T03:04:32.149Z",
"dateUpdated": "2024-09-21T15:26:13.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32876
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:45.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:41.753Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32876",
"datePublished": "2024-01-02T02:49:41.753Z",
"dateReserved": "2023-05-16T03:04:32.171Z",
"dateUpdated": "2024-08-02T15:32:45.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20111
Vulnerability from cvelistv5
Published
2022-05-03 20:06
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:06:29",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20111",
"datePublished": "2022-05-03T20:06:29",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26471
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26471",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0904
Vulnerability from cvelistv5
Published
2021-12-15 18:05
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6771, MT8183, MT8385, MT8788 |
Version: Android 8.1, 9.0, 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:16.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6771, MT8183, MT8385, MT8788",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:04",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6771, MT8183, MT8385, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/December-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0904",
"datePublished": "2021-12-15T18:05:52",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:55:16.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21781
Vulnerability from cvelistv5
Published
2022-07-06 13:08
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704433.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704433."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:08:02",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704433."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21781",
"datePublished": "2022-07-06T13:08:02",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20698
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20698",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20052
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750, MT6753, MT6755, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6753, MT6755, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6753, MT6755, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20052",
"datePublished": "2022-04-11T19:38:00",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32655
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:45.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "7.6.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32655",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:45.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20695
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6835, MT6880, MT6886, MT6890, MT6980, MT6985, MT6990, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 13.0 / OpenWrt 19.07, 21.02 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6835, MT6880, MT6886, MT6890, MT6980, MT6985, MT6990, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0 / OpenWrt 19.07, 21.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20695",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32851
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:45.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:45:46.363Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32851",
"datePublished": "2023-12-04T03:45:46.363Z",
"dateReserved": "2023-05-16T03:04:32.157Z",
"dateUpdated": "2024-08-02T15:32:45.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20075
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20075",
"datePublished": "2022-04-11T19:38:07",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32589
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8766, MT8768, MT8786, MT8788, MT8789 |
Version: Android 11.0, 12.0 and Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8766, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 and Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32589",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:43.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20036
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171689; Issue ID: ALPS06171689.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171689; Issue ID: ALPS06171689."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:41",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171689; Issue ID: ALPS06171689."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20036",
"datePublished": "2022-02-09T22:05:41",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20628
Vulnerability from cvelistv5
Published
2023-03-07 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8175, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20628",
"datePublished": "2023-03-07T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:36.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20096
Vulnerability from cvelistv5
Published
2022-05-03 19:59
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6768, MT6769, MT8183, MT8185, MT8385, MT8666, MT8667, MT8768, MT8786, MT8788, MT8789 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6768, MT6769, MT8183, MT8185, MT8385, MT8666, MT8667, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:59:58",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6765, MT6768, MT6769, MT8183, MT8185, MT8385, MT8666, MT8667, MT8768, MT8786, MT8788, MT8789",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20096",
"datePublished": "2022-05-03T19:59:58",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20715
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 18:54
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T18:53:58.312382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:54:03.166Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2 / Linux 4.19 (For MT5221 only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:57.207Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20715",
"datePublished": "2023-06-06T12:11:57.207Z",
"dateReserved": "2022-10-28T02:03:10.760Z",
"dateUpdated": "2025-01-07T18:54:03.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20657
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20657",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20062
Vulnerability from cvelistv5
Published
2022-04-11 19:37
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6885, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6885, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:37:55",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6765, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6885, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20062",
"datePublished": "2022-04-11T19:37:55",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20688
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2715, MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8169, MT8173, MT8175, MT8183, MT8185, MT8188, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8891 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2715, MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8169, MT8173, MT8175, MT8183, MT8185, MT8188, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20688",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20711
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20711",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20784
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-11-14 14:59
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T14:59:09.375025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T14:59:34.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:08.559Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20784",
"datePublished": "2023-08-07T03:21:08.559Z",
"dateReserved": "2022-10-28T02:03:10.777Z",
"dateUpdated": "2024-11-14T14:59:34.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20029
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:35",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20029",
"datePublished": "2022-02-09T22:05:35",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32834
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-06T03:50:45.515Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32834",
"datePublished": "2023-11-06T03:50:45.515Z",
"dateReserved": "2023-05-16T03:04:32.152Z",
"dateUpdated": "2024-08-02T15:25:37.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32599
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32599",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20092
Vulnerability from cvelistv5
Published
2022-05-03 19:58
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6768, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8173, MT8175, MT8183, MT8185, MT8385, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6768, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8173, MT8175, MT8183, MT8185, MT8385, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:58:47",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6768, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8173, MT8175, MT8183, MT8185, MT8385, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20092",
"datePublished": "2022-05-03T19:58:47",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21778
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6771, MT6779, MT6785, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6891, MT6893, MT8168, MT8175, MT8183, MT8365, MT8385, MT8788 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6771, MT6779, MT6785, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6891, MT6893, MT8168, MT8175, MT8183, MT8365, MT8385, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-08T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21778",
"datePublished": "2022-11-08T00:00:00",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20725
Vulnerability from cvelistv5
Published
2023-06-06 12:12
Modified
2025-01-07 20:13
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8175, MT8195, MT8365, MT8385, MT8673, MT8781, MT8788, MT8789 |
Version: Android 12.0, 13.0 / OpenWrt 19.07, 21.02 / RDK-B 2022Q3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T20:12:10.519743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T20:13:21.695Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8175, MT8195, MT8365, MT8385, MT8673, MT8781, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / OpenWrt 19.07, 21.02 / RDK-B 2022Q3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:12:12.278Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20725",
"datePublished": "2023-06-06T12:12:12.278Z",
"dateReserved": "2022-10-28T02:03:10.766Z",
"dateUpdated": "2025-01-07T20:13:21.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20677
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-10-23 14:21
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt5221",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6855",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt7663",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt7668",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt7902",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt7921",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167s",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8168",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8169",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8175",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8185",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8362a",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8365",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8518",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8532",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8675",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8695",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8771",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8798",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "13.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "yocto",
"vendor": "linuxfoundation",
"versions": [
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.3"
},
{
"status": "affected",
"version": "4.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:09:16.177110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:21:59.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20677",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-10-23T14:21:59.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0672
Vulnerability from cvelistv5
Published
2021-11-18 14:54
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2021-11-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2021-11-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-15T18:05:34",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2021-11-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2021-11-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2021-11-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0672",
"datePublished": "2021-11-18T14:54:11",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20696
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6880, MT6890, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 13.0 / OpenWrt 19.07, 21.02 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6880, MT6890, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0 / OpenWrt 19.07, 21.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20696",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21759
Vulnerability from cvelistv5
Published
2022-06-06 17:40
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:40:26",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21759",
"datePublished": "2022-06-06T17:40:26",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20025
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:32",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20025",
"datePublished": "2022-02-09T22:05:32",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26434
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:58:19",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26434",
"datePublished": "2022-08-01T13:58:19",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21777
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:07:31",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21777",
"datePublished": "2022-07-06T13:07:31",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20749
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 19:09
Severity ?
EPSS score ?
Summary
In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T19:09:45.150222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T19:09:50.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6789, MT6835, MT6855, MT6879, MT6886, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:47.207Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20749",
"datePublished": "2023-06-06T12:11:47.207Z",
"dateReserved": "2022-10-28T02:03:10.770Z",
"dateUpdated": "2025-01-07T19:09:50.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32594
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32594",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20045
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:48",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20045",
"datePublished": "2022-02-09T22:05:48",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20728
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 20:16
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6781, MT6789, MT6833, MT6835, MT6855, MT6877, MT6879, MT6886, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8185, MT8195, MT8362A, MT8365, MT8385, MT8395, MT8518, MT8532, MT8673, MT8675, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T20:15:22.202999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T20:16:26.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6781, MT6789, MT6833, MT6835, MT6855, MT6877, MT6879, MT6886, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8185, MT8195, MT8362A, MT8365, MT8385, MT8395, MT8518, MT8532, MT8673, MT8675, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:07.153Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20728",
"datePublished": "2023-06-06T12:11:07.153Z",
"dateReserved": "2022-10-28T02:03:10.766Z",
"dateUpdated": "2025-01-07T20:16:26.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20710
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20710",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20012
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6895, MT6983, MT6985, MT8321, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6895, MT6983, MT6985, MT8321, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T05:59:35.241Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20012",
"datePublished": "2024-02-05T05:59:35.241Z",
"dateReserved": "2023-11-02T13:35:35.150Z",
"dateUpdated": "2024-08-01T21:52:31.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20753
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 17:30
Severity ?
EPSS score ?
Summary
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:29:57.960827Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:30:09.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:07.720Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20753",
"datePublished": "2023-07-04T01:44:07.720Z",
"dateReserved": "2022-10-28T02:03:10.771Z",
"dateUpdated": "2024-12-04T17:30:09.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32598
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32598",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32634
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32634",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20072
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6755, MT6755S, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6755, MT6755S, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:04",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6755, MT6755S, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20072",
"datePublished": "2022-04-11T19:38:04",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32656
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:45.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "7.6.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32656",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:45.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21775
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:07:19",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21775",
"datePublished": "2022-07-06T13:07:19",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20726
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20726",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26472
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26472",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26446
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2731, MT2735, MT6297, MT6725, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Modem LR12A,
LR13,
NR15,
NR16 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT2735, MT6297, MT6725, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem LR12A, \nLR13, \nNR15,\nNR16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-08T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26446",
"datePublished": "2022-11-08T00:00:00",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32636
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32636",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20612
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20612",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:36.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21752
Vulnerability from cvelistv5
Published
2022-06-06 17:37
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493873.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493873."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:37:51",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493873."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21752",
"datePublished": "2022-06-06T17:37:51",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21779
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:07:37",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21779",
"datePublished": "2022-07-06T13:07:37",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20109
Vulnerability from cvelistv5
Published
2022-05-03 19:56
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:56:22",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20109",
"datePublished": "2022-05-03T19:56:22",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21761
Vulnerability from cvelistv5
Published
2022-06-06 17:41
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT9636, MT9638, MT9666 |
Version: Android 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT9636, MT9638, MT9666",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:41:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT9636, MT9638, MT9666",
"version": {
"version_data": [
{
"version_value": "Android 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21761",
"datePublished": "2022-06-06T17:41:06",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20614
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20614",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:36.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20085
Vulnerability from cvelistv5
Published
2022-05-03 19:57
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:57:05",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20085",
"datePublished": "2022-05-03T19:57:05",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20043
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:46",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20043",
"datePublished": "2022-02-09T22:05:46",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26431
Vulnerability from cvelistv5
Published
2022-08-01 13:57
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:57:42",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26431",
"datePublished": "2022-08-01T13:57:42",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20756
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 21:42
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T18:59:16.103998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:42:31.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:10.299Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20756",
"datePublished": "2023-07-04T01:44:10.299Z",
"dateReserved": "2022-10-28T02:03:10.771Z",
"dateUpdated": "2024-12-04T21:42:31.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20046
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:49",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20046",
"datePublished": "2022-02-09T22:05:49",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20694
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6789, MT6853, MT6855, MT6873, MT6879, MT6880, MT6885, MT6890, MT6895, MT6983, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 / OpenWrt 19.07, 21.02 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6789, MT6853, MT6855, MT6873, MT6879, MT6880, MT6885, MT6890, MT6895, MT6983, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / OpenWrt 19.07, 21.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20694",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26430
Vulnerability from cvelistv5
Published
2022-08-01 13:57
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:57:29",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26430",
"datePublished": "2022-08-01T13:57:29",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26428
Vulnerability from cvelistv5
Published
2022-08-01 13:56
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6765, MT6771, MT8163, MT8167, MT8173, MT8183, MT8362A, MT8385, MT8695 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6765, MT6771, MT8163, MT8167, MT8173, MT8183, MT8362A, MT8385, MT8695",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:56:52",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6739, MT6761, MT6765, MT6771, MT8163, MT8167, MT8173, MT8183, MT8362A, MT8385, MT8695",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26428",
"datePublished": "2022-08-01T13:56:52",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20068
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6731, MT6732, MT6735, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6799, MT6833, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6799, MT6833, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:01",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6799, MT6833, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20068",
"datePublished": "2022-04-11T19:38:01",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20690
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:24
Severity ?
EPSS score ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788 |
Version: Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:24:40.898709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:24:56.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:48.695Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20690",
"datePublished": "2023-07-04T01:44:48.695Z",
"dateReserved": "2022-10-28T02:03:10.755Z",
"dateUpdated": "2024-12-04T16:24:56.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20050
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8696, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8696, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:27",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8696, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20050",
"datePublished": "2022-03-09T17:02:27",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20053
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:17",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20053",
"datePublished": "2022-03-09T17:02:17",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20044
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:47",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20044",
"datePublished": "2022-02-09T22:05:47",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20063
Vulnerability from cvelistv5
Published
2022-04-11 19:37
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT8385, MT8666, MT8667, MT8766, MT8786, MT8788 |
Version: Android 9.0, 10.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT8385, MT8666, MT8667, MT8766, MT8786, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:37:56",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6765, MT8385, MT8666, MT8667, MT8766, MT8786, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20063",
"datePublished": "2022-04-11T19:37:56",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26432
Vulnerability from cvelistv5
Published
2022-08-01 13:57
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:57:55",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26432",
"datePublished": "2022-08-01T13:57:55",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0676
Vulnerability from cvelistv5
Published
2021-12-17 16:10
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 8.1, 9.0, 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:06",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/December-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0676",
"datePublished": "2021-12-17T16:10:06",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20054
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:36",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20054",
"datePublished": "2022-03-09T17:02:36",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0673
Vulnerability from cvelistv5
Published
2021-12-17 16:10
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8195, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8195, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:16",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8195, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/December-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0673",
"datePublished": "2021-12-17T16:10:16",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20837
Vulnerability from cvelistv5
Published
2023-09-04 02:27
Modified
2024-10-21 17:17
Severity ?
EPSS score ?
Summary
In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6885, MT6893, MT8185, MT8385, MT8781, MT8788, MT8789, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
},
{
"status": "affected",
"version": "Android 13.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20837",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:15:41.699069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T17:17:26.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6885, MT6893, MT8185, MT8385, MT8781, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:27:43.828Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20837",
"datePublished": "2023-09-04T02:27:43.828Z",
"dateReserved": "2022-10-28T02:03:23.687Z",
"dateUpdated": "2024-10-21T17:17:26.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20674
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20674",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20056
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:46",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20056",
"datePublished": "2022-03-09T17:02:46",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20662
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20662",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21783
Vulnerability from cvelistv5
Published
2022-07-06 13:08
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704482.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704482."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:08:14",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704482."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21783",
"datePublished": "2022-07-06T13:08:14",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21780
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704526.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704526."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:07:43",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704526."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21780",
"datePublished": "2022-07-06T13:07:43",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20027
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:33",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20027",
"datePublished": "2022-02-09T22:05:33",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32602
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6883, MT6983, MT8183, MT8185, MT8321, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6883, MT6983, MT8183, MT8185, MT8321, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-08T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32602",
"datePublished": "2022-11-08T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32810
Vulnerability from cvelistv5
Published
2023-09-04 02:28
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT5221, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6890, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8175, MT8185, MT8188, MT8188T, MT8195, MT8321, MT8365, MT8385, MT8518S, MT8532, MT8666, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 / RDK-B 22Q3 / Linux4.19 / Yocto 3.1, 3.3, 4.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT5221, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6890, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8175, MT8185, MT8188, MT8188T, MT8195, MT8321, MT8365, MT8385, MT8518S, MT8532, MT8666, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / RDK-B 22Q3 / Linux4.19 / Yocto 3.1, 3.3, 4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:28:17.305Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32810",
"datePublished": "2023-09-04T02:28:17.305Z",
"dateReserved": "2023-05-16T03:04:32.146Z",
"dateUpdated": "2024-08-02T15:25:37.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20076
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:07",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20076",
"datePublished": "2022-04-11T19:38:07",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26435
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:58:29",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26435",
"datePublished": "2022-08-01T13:58:29",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20661
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20661",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20709
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20709",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20020
Vulnerability from cvelistv5
Published
2022-01-04 15:57
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:57:07",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6739, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20020",
"datePublished": "2022-01-04T15:57:07",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20766
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 21:41
Severity ?
EPSS score ?
Summary
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6886, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T19:08:02.628965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:41:27.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6886, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:26.268Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20766",
"datePublished": "2023-07-04T01:44:26.268Z",
"dateReserved": "2022-10-28T02:03:10.773Z",
"dateUpdated": "2024-12-04T21:41:27.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32590
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789 |
Version: Android 11.0, 12.0 and Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 and Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32590",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:43.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32596
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32596",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20013
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0, 14.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0, 14.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T05:59:36.678Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20013",
"datePublished": "2024-02-05T05:59:36.678Z",
"dateReserved": "2023-11-02T13:35:35.150Z",
"dateUpdated": "2024-08-01T21:52:31.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32607
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8791T, MT8795T, MT8797, MT8871, MT8891 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8791T, MT8795T, MT8797, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-08T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32607",
"datePublished": "2022-11-08T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21755
Vulnerability from cvelistv5
Published
2022-06-06 17:39
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:39:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21755",
"datePublished": "2022-06-06T17:39:06",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21784
Vulnerability from cvelistv5
Published
2022-07-06 13:08
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:08:20",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21784",
"datePublished": "2022-07-06T13:08:20",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20073
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:05",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20073",
"datePublished": "2022-04-11T19:38:05",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20069
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:02",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/April-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20069",
"datePublished": "2022-04-11T19:38:02",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32635
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32635",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20750
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 19:07
Severity ?
EPSS score ?
Summary
In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6835, MT6886, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797 |
Version: Android 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T19:07:42.652304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T19:07:56.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6835, MT6886, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:49.210Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20750",
"datePublished": "2023-06-06T12:11:49.210Z",
"dateReserved": "2022-10-28T02:03:10.770Z",
"dateUpdated": "2025-01-07T19:07:56.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20616
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791T, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:45.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20616",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:45.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20652
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:39.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20652",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:39.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26426
Vulnerability from cvelistv5
Published
2022-08-01 13:56
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6893, MT8167, MT8167S, MT8168, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6893, MT8167, MT8167S, MT8168, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:56:29",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6893, MT8167, MT8167S, MT8168, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26426",
"datePublished": "2022-08-01T13:56:29",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32591
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32591",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20055
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:41",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20055",
"datePublished": "2022-03-09T17:02:41",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32639
Vulnerability from cvelistv5
Published
2023-01-03 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT8167, MT8167S, MT8362A, MT8385, MT8518S, MT8532, MT8765, MT8786, MT8791 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT8167, MT8167S, MT8362A, MT8385, MT8518S, MT8532, MT8765, MT8786, MT8791",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-03T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32639",
"datePublished": "2023-01-03T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32601
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8795T, MT8797, MT8798 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-08T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32601",
"datePublished": "2022-11-08T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20042
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:45",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20042",
"datePublished": "2022-02-09T22:05:45",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20664
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8185, MT8188, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8185, MT8188, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20664",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20060
Vulnerability from cvelistv5
Published
2022-03-09 17:03
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:29.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:03:05",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6889, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20060",
"datePublished": "2022-03-09T17:03:05",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:29.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26467
Vulnerability from cvelistv5
Published
2022-09-06 17:19
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/September-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:19:07",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/September-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26467",
"datePublished": "2022-09-06T17:19:07",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21745
Vulnerability from cvelistv5
Published
2022-06-06 17:29
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:29:05",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21745",
"datePublished": "2022-06-06T17:29:05",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:35.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32875
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2024-09-06 17:56
Severity ?
EPSS score ?
Summary
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:45.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32875",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T20:31:49.361360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T17:56:05.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T02:49:39.992Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32875",
"datePublished": "2024-01-02T02:49:39.992Z",
"dateReserved": "2023-05-16T03:04:32.171Z",
"dateUpdated": "2024-09-06T17:56:05.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20037
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/February-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:05:41",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/February-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20037",
"datePublished": "2022-02-09T22:05:41",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20838
Vulnerability from cvelistv5
Published
2023-09-04 02:27
Modified
2024-10-08 20:13
Severity ?
EPSS score ?
Summary
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6895, MT6897, MT6983, MT8188, MT8195, MT8395, MT8673 |
Version: Android 11.0, 12.0 / Linux 6.1 / IOT-v23.0 / Yocto 4.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20838",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:00:34.514344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:13:21.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6895, MT6897, MT6983, MT8188, MT8195, MT8395, MT8673",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 / Linux 6.1 / IOT-v23.0 / Yocto 4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:27:45.442Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20838",
"datePublished": "2023-09-04T02:27:45.442Z",
"dateReserved": "2022-10-28T02:03:23.690Z",
"dateUpdated": "2024-10-08T20:13:21.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32654
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "7.6.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32654",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0664
Vulnerability from cvelistv5
Published
2021-11-18 14:57
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6889, MT8183, MT8385, MT8768, MT8788 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6889, MT8183, MT8385, MT8768, MT8788",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:57:55",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6889, MT8183, MT8385, MT8768, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0664",
"datePublished": "2021-11-18T14:57:55",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20679
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20679",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21768
Vulnerability from cvelistv5
Published
2022-07-06 13:05
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT8167S, MT8175, MT8183, MT8362A, MT8365, MT8385 |
Version: Android 8.1, 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT8167S, MT8175, MT8183, MT8362A, MT8365, MT8385",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:05:52",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT8167S, MT8175, MT8183, MT8362A, MT8365, MT8385",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21768",
"datePublished": "2022-07-06T13:05:52",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20022
Vulnerability from cvelistv5
Published
2022-01-04 15:57
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:57:18",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6763, MT6771, MT7662T, MT7663, MT7668, MT8163, MT8167, MT8167S, MT8173, MT8183, MT8321, MT8362A, MT8362B, MT8385, MT8765, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20022",
"datePublished": "2022-01-04T15:57:18",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20091
Vulnerability from cvelistv5
Published
2024-10-07 02:35
Modified
2024-10-27 02:42
Severity ?
EPSS score ?
Summary
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-20091",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T14:03:31.796928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T02:42:48.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T02:35:07.795Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20091",
"datePublished": "2024-10-07T02:35:07.795Z",
"dateReserved": "2023-11-02T13:35:35.174Z",
"dateUpdated": "2024-10-27T02:42:48.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20732
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-08 14:57
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167, MT8167S, MT8173, MT8175, MT8195, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8666, MT8695, MT8781, MT8788 |
Version: Android 12.0, 13.0 / Yocto 3.1,3.3,4.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T14:57:11.638473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T14:57:15.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167, MT8167S, MT8173, MT8175, MT8195, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8666, MT8695, MT8781, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1,3.3,4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T12:11:15.218Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20732",
"datePublished": "2023-06-06T12:11:15.218Z",
"dateReserved": "2022-10-28T02:03:10.767Z",
"dateUpdated": "2025-01-08T14:57:15.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32847
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:45.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T03:45:41.985Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32847",
"datePublished": "2023-12-04T03:45:41.985Z",
"dateReserved": "2023-05-16T03:04:32.155Z",
"dateUpdated": "2024-08-02T15:32:45.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20781
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-10-17 14:40
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:40:07.455816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:40:21.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:02.665Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20781",
"datePublished": "2023-08-07T03:21:02.665Z",
"dateReserved": "2022-10-28T02:03:10.776Z",
"dateUpdated": "2024-10-17T14:40:21.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26468
Vulnerability from cvelistv5
Published
2022-09-06 17:19
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/September-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:19:08",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/September-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26468",
"datePublished": "2022-09-06T17:19:08",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20014
Vulnerability from cvelistv5
Published
2022-01-04 15:56
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8385, MT8788, MT8789 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8385, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:56:34",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8385, MT8788, MT8789",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20014",
"datePublished": "2022-01-04T15:56:34",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0621
Vulnerability from cvelistv5
Published
2021-11-18 14:55
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8184, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8184, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:55:03",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8184, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0621",
"datePublished": "2021-11-18T14:55:03",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20086
Vulnerability from cvelistv5
Published
2024-09-02 02:07
Modified
2024-09-03 14:20
Severity ?
EPSS score ?
Summary
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6779",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6785",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8667",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-20086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T14:20:16.819281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:20:26.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-02T02:07:33.155Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20086",
"datePublished": "2024-09-02T02:07:33.155Z",
"dateReserved": "2023-11-02T13:35:35.173Z",
"dateUpdated": "2024-09-03T14:20:26.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26429
Vulnerability from cvelistv5
Published
2022-08-01 13:57
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6739, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8173, MT8185, MT8321, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6739, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8173, MT8185, MT8321, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:57:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6739, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8173, MT8185, MT8321, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26429",
"datePublished": "2022-08-01T13:57:06",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26433
Vulnerability from cvelistv5
Published
2022-08-01 13:58
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/August-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 or Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T13:58:06",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0 or Yocto 3.1, 3.3"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/August-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26433",
"datePublished": "2022-08-01T13:58:06",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20012
Vulnerability from cvelistv5
Published
2022-01-04 15:56
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6757, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8163, MT8167, MT8168, MT8169, MT8173, MT8183, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8788 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6757, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8163, MT8167, MT8168, MT8169, MT8173, MT8183, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T15:56:21",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6757, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8163, MT8167, MT8168, MT8169, MT8173, MT8183, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20012",
"datePublished": "2022-01-04T15:56:21",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21754
Vulnerability from cvelistv5
Published
2022-06-06 17:38
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:38:45",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21754",
"datePublished": "2022-06-06T17:38:45",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20051
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:32",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20051",
"datePublished": "2022-03-09T17:02:32",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21785
Vulnerability from cvelistv5
Published
2022-07-06 13:08
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6877, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6877, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:08:27",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6877, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21785",
"datePublished": "2022-07-06T13:08:27",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32595
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32595",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32835
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:37.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-06T03:50:47.125Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-32835",
"datePublished": "2023-11-06T03:50:47.125Z",
"dateReserved": "2023-05-16T03:04:32.152Z",
"dateUpdated": "2024-08-02T15:25:37.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21782
Vulnerability from cvelistv5
Published
2022-07-06 13:08
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:08:08",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6761, MT6779, MT6781, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21782",
"datePublished": "2022-07-06T13:08:08",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0622
Vulnerability from cvelistv5
Published
2021-11-18 14:55
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/November-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:55:30",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0622",
"datePublished": "2021-11-18T14:55:30",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20087
Vulnerability from cvelistv5
Published
2024-09-02 02:07
Modified
2024-09-03 14:18
Severity ?
EPSS score ?
Summary
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789 |
Version: Android 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6779",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6785",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8667",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-20087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T14:16:49.827411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:18:57.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-02T02:07:34.765Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2024-20087",
"datePublished": "2024-09-02T02:07:34.765Z",
"dateReserved": "2023-11-02T13:35:35.173Z",
"dateUpdated": "2024-09-03T14:18:57.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20691
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:25
Severity ?
EPSS score ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788 |
Version: Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:25:13.837991Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:25:22.617Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:51.177Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20691",
"datePublished": "2023-07-04T01:44:51.177Z",
"dateReserved": "2022-10-28T02:03:10.755Z",
"dateUpdated": "2024-12-04T16:25:22.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32663
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "7.6.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32663",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20663
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798 |
Version: Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5221, MT6879, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8696, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7921 and MT7902 chipsets only)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20663",
"datePublished": "2023-04-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32619
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-32619",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-06-09T00:00:00",
"dateUpdated": "2024-08-03T07:46:44.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20783
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-11-14 15:00
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20783",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T15:00:04.910781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T15:00:14.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:06.590Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20783",
"datePublished": "2023-08-07T03:21:06.590Z",
"dateReserved": "2022-10-28T02:03:10.777Z",
"dateUpdated": "2024-11-14T15:00:14.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20049
Vulnerability from cvelistv5
Published
2022-03-09 17:02
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6779, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8788 |
Version: Android 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6779, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:02:22",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6779, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8788",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/March-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20049",
"datePublished": "2022-03-09T17:02:22",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T01:55:46.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20780
Vulnerability from cvelistv5
Published
2023-08-07 03:21
Modified
2024-10-17 14:41
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:41:07.970344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:41:18.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:00.627Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20780",
"datePublished": "2023-08-07T03:21:00.627Z",
"dateReserved": "2022-10-28T02:03:10.776Z",
"dateUpdated": "2024-10-17T14:41:18.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20110
Vulnerability from cvelistv5
Published
2022-05-03 19:56
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399901.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 9.0, 10.0, 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:02:30.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399901."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:56:43",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-20110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6797, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 9.0, 10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399901."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/May-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-20110",
"datePublished": "2022-05-03T19:56:43",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-03T02:02:30.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26469
Vulnerability from cvelistv5
Published
2022-09-06 17:19
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/September-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6735, MT6737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:33.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6735, MT6737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:19:08",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-26469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6580, MT6735, MT6737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/September-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26469",
"datePublished": "2022-09-06T17:19:08",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:33.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20697
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20697",
"datePublished": "2023-05-15T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:14:40.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21756
Vulnerability from cvelistv5
Published
2022-06-06 17:39
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2022 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797 |
Version: Android 11.0, 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T17:39:24",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/June-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21756",
"datePublished": "2022-06-06T17:39:24",
"dateReserved": "2021-11-26T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20635
Vulnerability from cvelistv5
Published
2023-03-07 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 10.0, 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20635",
"datePublished": "2023-03-07T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:36.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20689
Vulnerability from cvelistv5
Published
2023-07-04 01:44
Modified
2024-12-04 16:24
Severity ?
EPSS score ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788 |
Version: Android 11.0 / IOT-v23.0 (Yocto 4.0) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:40.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20689",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:24:08.698603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:24:26.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0 / IOT-v23.0 (Yocto 4.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T01:44:46.260Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20689",
"datePublished": "2023-07-04T01:44:46.260Z",
"dateReserved": "2022-10-28T02:03:10.754Z",
"dateUpdated": "2024-12-04T16:24:26.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26475
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6853, MT6855, MT6873, MT6875, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT7663, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789 |
Version: Android 11.0, 12.0 and Yocto 3.1, 3.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6853, MT6855, MT6873, MT6875, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT7663, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0 and Yocto 3.1, 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-26475",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20821
Vulnerability from cvelistv5
Published
2023-09-04 02:27
Modified
2024-10-10 17:06
Severity ?
EPSS score ?
Summary
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT2713, MT2735, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 / OpenWrt 1907, 2102 / Yocto 2.6 / RDK-B 22Q3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2713",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt2735",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6833",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6835",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6853",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6855",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6873",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6875",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6877",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6879",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6880",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6883",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6885",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6886",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6889",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6890",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6891",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6893",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6895",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6980",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6983",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6985",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt6990",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8167s",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8168",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8173",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8175",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8185",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8188",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8195",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8321",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8362a",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8365",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8385",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8395",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8666",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8673",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8675",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8765",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8766",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8768",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8781",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8786",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8788",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8789",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8791t",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mt8797",
"vendor": "mediatek",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "13.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:04:56.340129Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:06:16.142Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2713, MT2735, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0 / OpenWrt 1907, 2102 / Yocto 2.6 / RDK-B 22Q3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T02:27:17.577Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20821",
"datePublished": "2023-09-04T02:27:17.577Z",
"dateReserved": "2022-10-28T02:03:23.673Z",
"dateUpdated": "2024-10-10T17:06:16.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0675
Vulnerability from cvelistv5
Published
2021-12-15 18:05
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2021 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 8.1, 9.0, 10.0, 11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:03",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Android 8.1, 9.0, 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/December-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0675",
"datePublished": "2021-12-15T18:05:52",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20615
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | MediaTek, Inc. | MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 |
Version: Android 11.0, 12.0, 13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:37.030Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-06T00:00:00",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20615",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2022-10-28T00:00:00",
"dateUpdated": "2024-08-02T09:05:37.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436."
}
],
"id": "CVE-2023-20677",
"lastModified": "2024-11-21T07:41:20.183",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-06T18:15:09.357",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323."
}
],
"id": "CVE-2023-20781",
"lastModified": "2024-11-21T07:41:30.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:12.647",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572."
}
],
"id": "CVE-2023-20615",
"lastModified": "2024-11-21T07:41:13.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:15.003",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894."
},
{
"lang": "es",
"value": "En Autoboot, Se presenta una posible omisi\u00f3n de permisos debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06713894; ID de Incidencia: ALPS06713894"
}
],
"id": "CVE-2022-21777",
"lastModified": "2024-11-21T06:45:25.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.790",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a un manejo incorrecto de errores. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06108487; ID de Incidencia: ALPS06108487"
}
],
"id": "CVE-2022-20042",
"lastModified": "2024-11-21T06:42:00.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.590",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383."
}
],
"id": "CVE-2023-20660",
"lastModified": "2024-11-21T07:41:18.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.817",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 21:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028."
}
],
"id": "CVE-2023-20635",
"lastModified": "2024-11-21T07:41:15.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T21:15:11.020",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 2.6 | |
| linuxfoundation | yocto | 3.3 | |
| rdkcentral | rdk-b | 2022q3 | |
| android | 12.0 | ||
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt2713 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*",
"matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194."
}
],
"id": "CVE-2023-20790",
"lastModified": "2024-11-21T07:41:32.050",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:13.263",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08308612; ID del problema: ALPS08308612."
}
],
"id": "CVE-2023-32876",
"lastModified": "2024-11-21T08:04:15.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:07.937",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219064; Issue ID: ALPS06219064."
},
{
"lang": "es",
"value": "En system service, se presenta una posible omisi\u00f3n de permisos debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06219064; ID de Incidencia: ALPS06219064"
}
],
"id": "CVE-2022-20024",
"lastModified": "2024-11-21T06:41:58.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.867",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449."
},
{
"lang": "es",
"value": "En isp, existe una posible escritura fuera de los l\u00edmites debido a una condici\u00f3n de ejecuci\u00f3n. Esto podr\u00eda conducir a una escalada local de privilegios con privilegios de ejecuci\u00f3n del sistema necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07494449; ID del problema: ALPS07494449."
}
],
"id": "CVE-2022-32638",
"lastModified": "2024-11-21T07:06:47.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.687",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06160806; ID de Incidencia: ALPS06160781"
}
],
"id": "CVE-2022-20059",
"lastModified": "2024-11-21T06:42:03.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:07.237",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6833 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790."
},
{
"lang": "es",
"value": "En keyinstall, existe una posible lectura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07388790; ID del problema: ALPS07388790."
}
],
"id": "CVE-2022-32602",
"lastModified": "2024-11-21T07:06:43.043",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-08T21:15:11.810",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only)."
}
],
"id": "CVE-2023-20694",
"lastModified": "2024-11-21T07:41:22.040",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:10.480",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104."
}
],
"id": "CVE-2023-20605",
"lastModified": "2024-11-21T07:41:12.673",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:14.530",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585."
},
{
"lang": "es",
"value": "En mdp, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es necesaria la interacci\u00f3n del usuario para la explotaci\u00f3n. ID del Parche: ALPS05836585; ID de Incidencia: ALPS05836585"
}
],
"id": "CVE-2022-20067",
"lastModified": "2024-11-21T06:42:04.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.917",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 06:53
Severity ?
Summary
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr12a | - | |
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | mt2731 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6725 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6762d | - | |
| mediatek | mt6762m | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6765t | - | |
| mediatek | mt6767 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6769t | - | |
| mediatek | mt6769z | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12318A0A-16CD-48A5-98A4-373070734642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEE78CC-80F8-4C4F-92BA-378AAA85F087",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0002C537-4268-43CA-B349-BC14F1F0313C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80B083-D5A3-418C-9655-C79C9DECB4C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1BE913-70AE-49FE-99E9-E996165DF79D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118."
},
{
"lang": "es",
"value": "En Modem 4G RRC, existe una posible falla del sistema debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una Denegaci\u00f3n de Servicio (DoS) remota al concatenar SIB12 incorrecto (mensaje CMAS), sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY00867883; ID del problema: ALPS07274118."
}
],
"id": "CVE-2022-26446",
"lastModified": "2024-11-21T06:53:57.873",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-08T21:15:11.423",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148."
}
],
"id": "CVE-2023-20654",
"lastModified": "2024-11-21T07:41:17.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.453",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228."
},
{
"lang": "es",
"value": "En Widevine, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07446228; ID del problema: ALPS07446228."
}
],
"id": "CVE-2022-32597",
"lastModified": "2024-11-21T07:06:42.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:17.840",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2715 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2715:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA252F20-1BB7-4654-972C-F257F37396A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022."
}
],
"id": "CVE-2023-20655",
"lastModified": "2024-11-21T07:41:18.110",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.503",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
Summary
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible escalada de privilegios debido a confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08358566; ID del problema: ALPS08358566."
}
],
"id": "CVE-2024-20012",
"lastModified": "2024-11-21T08:51:47.703",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-05T06:15:47.490",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6789 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| linux | linux_kernel | 4.19 | |
| mediatek | mt5521 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*",
"matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "924A5491-E491-4570-ACA5-75B1B2BB736D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914."
}
],
"id": "CVE-2023-20712",
"lastModified": "2025-01-07T19:15:28.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:10.897",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494."
}
],
"id": "CVE-2023-20656",
"lastModified": "2024-11-21T07:41:18.237",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.557",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135."
}
],
"id": "CVE-2023-20652",
"lastModified": "2024-11-21T07:41:17.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.353",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BF3D9050-DFED-4D7B-BB17-24408D344EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132."
},
{
"lang": "es",
"value": "En telefon\u00eda, existe una posible omisi\u00f3n de permiso debido a una discrepancia en el formato del paquete. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07319132; ID del problema: ALPS07319132."
}
],
"id": "CVE-2022-32601",
"lastModified": "2024-11-21T07:06:42.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-08T21:15:11.687",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:54
Severity ?
Summary
In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598."
},
{
"lang": "es",
"value": "En MtkEmail, se presenta una posible escalada de privilegios debido a la inyecci\u00f3n de fragmentos. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07216598; ID de Incidencia: ALPS07216598."
}
],
"id": "CVE-2022-26469",
"lastModified": "2024-11-21T06:54:00.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:12.617",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-470"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704482.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704482."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704482"
}
],
"id": "CVE-2022-21783",
"lastModified": "2024-11-21T06:45:25.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:18.020",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt5522 | - | |
| mediatek | mt5527 | - | |
| mediatek | mt5597 | - | |
| mediatek | mt5598 | - | |
| mediatek | mt5599 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8184 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt9256 | - | |
| mediatek | mt9285 | - | |
| mediatek | mt9286 | - | |
| mediatek | mt9288 | - | |
| mediatek | mt9629 | - | |
| mediatek | mt9631 | - | |
| mediatek | mt9632 | - | |
| mediatek | mt9636 | - | |
| mediatek | mt9638 | - | |
| mediatek | mt9639 | - | |
| mediatek | mt9650 | - | |
| mediatek | mt9652 | - | |
| mediatek | mt9669 | - | |
| mediatek | mt9670 | - | |
| mediatek | mt9675 | - | |
| mediatek | mt9685 | - | |
| mediatek | mt9686 | - | |
| mediatek | mt9688 | - | |
| mediatek | mt9931 | - | |
| mediatek | mt9950 | - | |
| mediatek | mt9970 | - | |
| mediatek | mt9980 | - | |
| mediatek | mt9981 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C38B265-3EE8-417C-9D59-6182939ED27E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC084C16-6693-4FEA-9BDD-B633EAA3E432",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8184:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF76BE8-E35C-470B-813D-5290F6B0D281",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383."
},
{
"lang": "es",
"value": "En asf extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05489178; ID del Problema: ALPS05561383."
}
],
"id": "CVE-2021-0621",
"lastModified": "2024-11-21T05:43:02.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.163",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:54
Severity ?
Summary
In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037."
},
{
"lang": "es",
"value": "En aie, se presenta una posible escritura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una escalada de privilegios local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07116037; ID de Incidencia: ALPS07116037.\n"
}
],
"id": "CVE-2022-26470",
"lastModified": "2024-11-21T06:54:00.640",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:12.657",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704526.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704526."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704526"
}
],
"id": "CVE-2022-21780",
"lastModified": "2024-11-21T06:45:25.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.883",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720."
}
],
"id": "CVE-2023-20692",
"lastModified": "2024-11-21T07:41:21.820",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.717",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150."
},
{
"lang": "es",
"value": "En cmdq driver, se presenta una posible lectura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS05747150; ID de Incidencia: ALPS05747150"
}
],
"id": "CVE-2022-20029",
"lastModified": "2024-11-21T06:41:58.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.077",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103."
}
],
"id": "CVE-2023-20782",
"lastModified": "2024-11-21T07:41:31.023",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:12.720",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395."
},
{
"lang": "es",
"value": "En ape extractor, se presenta una posible lectura fuera de l\u00edmites debido a la falta de comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05561395; ID del Problema: ALPS05561395."
}
],
"id": "CVE-2021-0619",
"lastModified": "2024-11-21T05:43:01.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:07.603",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928."
}
],
"id": "CVE-2023-20756",
"lastModified": "2024-11-21T07:41:29.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.983",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877."
},
{
"lang": "es",
"value": "En netdiag, se presenta un posible seguimiento de enlaces simb\u00f3licos debido a una resoluci\u00f3n de enlaces inapropiada. Esto podr\u00eda conllevar a una escalada de privilegios local con privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06308877; ID de Incidencia: ALPS06308877"
}
],
"id": "CVE-2022-20085",
"lastModified": "2024-11-21T06:42:07.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T20:15:08.237",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 2.6 | |
| linuxfoundation | yocto | 3.3 | |
| rdkcentral | rdkb | 2022q3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt2731 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6767 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rdkcentral:rdkb:2022q3:*:*:*:*:*:*:*",
"matchCriteriaId": "295DD4FC-E943-412D-A63E-260C0F3887FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33DEF766-EAF1-4E36-BB7C-43069B26507A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2758122C-4D11-4D34-9B72-3905F3A28448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
}
],
"id": "CVE-2023-20726",
"lastModified": "2024-11-21T07:41:25.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.433",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06160806; ID de Incidencia: ALPS06160485"
}
],
"id": "CVE-2022-20058",
"lastModified": "2024-11-21T06:42:03.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:06.813",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6732 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907."
},
{
"lang": "es",
"value": "En mobile_log_d, se presenta un posible seguimiento de enlaces simb\u00f3licos debido a una resoluci\u00f3n de enlaces inapropiada. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06308907; ID de Incidencia: ALPS06308907"
}
],
"id": "CVE-2022-20068",
"lastModified": "2024-11-21T06:42:04.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.957",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible lectura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06535950; ID de incidencia: ALPS06535950"
}
],
"id": "CVE-2022-21756",
"lastModified": "2024-11-21T06:45:22.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:09.013",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704433.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704433."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704433"
}
],
"id": "CVE-2022-21781",
"lastModified": "2024-11-21T06:45:25.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.927",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 21:15
Modified
2024-11-21 06:45
Severity ?
Summary
In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108."
},
{
"lang": "es",
"value": "En ion, se presenta un posible uso de memoria previamente liberada debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06371108; Issue ID: ALPS06371108"
}
],
"id": "CVE-2022-21743",
"lastModified": "2024-11-21T06:45:21.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T21:15:09.347",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 06:45
Severity ?
Summary
In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421."
},
{
"lang": "es",
"value": "En vpu, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n del System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS06382421; ID del problema: ALPS06382421."
}
],
"id": "CVE-2022-21778",
"lastModified": "2024-11-21T06:45:25.183",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-08T21:15:09.950",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003."
},
{
"lang": "es",
"value": "En camera, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a datos no inicializados. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06419003; ID de Incidencia: ALPS06419003"
}
],
"id": "CVE-2022-20096",
"lastModified": "2024-11-21T06:42:08.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T20:15:08.660",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | awus036nh | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6630 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt7662t | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8362b | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:awus036nh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23A5CF60-C9DD-487C-8ABA-325D7A73694F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC85BBB-5985-41A1-B19F-1C580C367B64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7662t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331F3A6-E176-4EA5-B253-D5B03945C2B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "739BE124-C307-41B2-8E92-C223FE67F88A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta un posible bloqueo de la aplicaci\u00f3n debido a que bluetooth no maneja apropiadamente la recepci\u00f3n de m\u00faltiples LMP_host_connection_req. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota de bluetooth sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06198513; ID de Incidencia: ALPS06198513"
}
],
"id": "CVE-2022-20021",
"lastModified": "2024-11-21T06:41:57.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.600",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895)."
},
{
"lang": "es",
"value": "En Modem IMS Call UA, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01161825; ID del problema: MOLY01161825 (MSV-895)."
}
],
"id": "CVE-2023-32889",
"lastModified": "2024-11-21T08:04:16.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.540",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343."
}
],
"id": "CVE-2023-20754",
"lastModified": "2024-11-21T07:41:28.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.893",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-17 17:15
Modified
2024-11-21 05:43
Severity ?
Summary
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326."
},
{
"lang": "es",
"value": "En Audio Aurisys HAL, se presenta una posible omisi\u00f3n de permisos debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05977326; ID de Incidencia: ALPS05977326"
}
],
"id": "CVE-2021-0673",
"lastModified": "2024-11-21T05:43:07.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-17T17:15:10.737",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible omisi\u00f3n de permisos debido a una falta de autenticaci\u00f3n de imagen apropiada. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06160806; ID de Incidencia: ALPS06137462"
}
],
"id": "CVE-2022-20060",
"lastModified": "2024-11-21T06:42:03.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:07.660",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07032542; ID de incidencia: ALPS07032542"
}
],
"id": "CVE-2022-26432",
"lastModified": "2024-11-21T06:53:56.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.273",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt5221_firmware | 7.6.6.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| mediatek | mt7663_firmware | 7.6.6.0 | |
| mediatek | mt7663 | - | |
| mediatek | mt7668_firmware | 7.6.6.0 | |
| mediatek | mt7668 | - | |
| mediatek | mt7682_firmware | 7.6.6.0 | |
| mediatek | mt7682 | - | |
| mediatek | mt7686_firmware | 7.6.6.0 | |
| mediatek | mt7686 | - | |
| mediatek | mt7687_firmware | 7.6.6.0 | |
| mediatek | mt7687 | - | |
| mediatek | mt7697_firmware | 7.6.6.0 | |
| mediatek | mt7697 | - | |
| mediatek | mt7902_firmware | 7.6.6.0 | |
| mediatek | mt7902 | - | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| mediatek | mt7921_firmware | 7.6.6.0 | |
| mediatek | mt7921 | - | |
| mediatek | mt7933_firmware | 7.6.6.0 | |
| mediatek | mt7933 | - | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - | |
| mediatek | mt8167s_firmware | 7.6.6.0 | |
| mediatek | mt8167s | - | |
| mediatek | mt8175_firmware | 7.6.6.0 | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a_firmware | 7.6.6.0 | |
| mediatek | mt8362a | - | |
| mediatek | mt8365_firmware | 7.6.6.0 | |
| mediatek | mt8365 | - | |
| mediatek | mt8385_firmware | 7.6.6.0 | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s_firmware | 7.6.6.0 | |
| mediatek | mt8518s | - | |
| mediatek | mt8532_firmware | 7.6.6.0 | |
| mediatek | mt8532 | - | |
| mediatek | mt8695_firmware | 7.6.6.0 | |
| mediatek | mt8695 | - | |
| mediatek | mt8696_firmware | 7.6.6.0 | |
| mediatek | mt8696 | - | |
| mediatek | mt8788_firmware | 7.6.6.0 | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7D50BA-4588-406B-9873-EB067B1FADC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "188DCE87-D893-4109-B946-5A943723021E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1144B15B-0F33-4622-9534-D22741EA6C4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "572E4322-E017-4298-B34D-F54CB43E599F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D94F1C2D-5749-4BD7-916A-416A88AA858F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9371F16-8A35-4052-BF0A-500F6042FFBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C293668-B45D-4576-8B25-5B5BCD983891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
"matchCriteriaId": "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B75820B-B73F-47AB-A25A-4A624767B740",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5414D487-223D-4195-AEA6-429AD30DFCE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B70678B8-78D6-4651-BE58-44374273F3FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14734451-2D61-4EB5-8BB2-414E2BEDC534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED333D7-1DF2-48EB-8617-16D604070D9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727F29FD-E8DA-46F1-9C98-9D194E981E38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81B46566-AE03-4B6B-8B25-13621A060156",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A30F15-0654-4479-8944-6AF67F610AF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A937256-84A3-48A8-BF28-14C87B09EB6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60521D31-F322-4740-9F8F-F16D76902BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF834C63-5493-480D-9803-9C2FAA6F41AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035."
}
],
"id": "CVE-2022-32656",
"lastModified": "2024-11-21T07:06:49.640",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:11.157",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430."
},
{
"lang": "es",
"value": "En Bluetooth, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06784430; ID de incidencia: ALPS06784430"
}
],
"id": "CVE-2022-21767",
"lastModified": "2024-11-21T06:45:23.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.280",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-15 19:15
Modified
2024-11-21 05:43
Severity ?
Summary
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | https://corp.mediatek.com/product-security-bulletin/December-2021 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://corp.mediatek.com/product-security-bulletin/December-2021 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938."
},
{
"lang": "es",
"value": "En SRAMROM, existe una posible derivaci\u00f3n de permisos debido a una configuraci\u00f3n de permisos insegura. Esto podr\u00eda llevar a una escalada local de privilegios con necesidad de privilegios de ejecuci\u00f3n del sistema. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID del parche: ALPS06076938; ID del problema: ALPS06076938"
}
],
"id": "CVE-2021-0904",
"lastModified": "2024-11-21T05:43:14.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-15T19:15:10.893",
"references": [
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:53
Severity ?
Summary
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478."
},
{
"lang": "es",
"value": "En BT firmware, es posible que se produzca una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06784478; ID de Incidencia: ALPS06784478.\n"
}
],
"id": "CVE-2022-26447",
"lastModified": "2024-11-21T06:53:58.003",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:11.610",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-02 03:15
Modified
2024-11-21 08:04
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2713 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229."
},
{
"lang": "es",
"value": "En ftm, existe una posible escritura fuera de l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07994229; ID del problema: ALPS07994229."
}
],
"id": "CVE-2023-32822",
"lastModified": "2024-11-21T08:04:06.523",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-02T03:15:09.917",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108596; Issue ID: ALPS06108596.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108596; Issue ID: ALPS06108596."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta una posible escalada de privilegios debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada de privilegios local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06108596; ID de Incidencia: ALPS06108596"
}
],
"id": "CVE-2022-20041",
"lastModified": "2024-11-21T06:42:00.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.553",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891."
},
{
"lang": "es",
"value": "En aee, existe un posible use-after-free debido a la falta de verificaci\u00f3n de l\u00edmites. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n del System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07202891; ID del problema: ALPS07202891."
}
],
"id": "CVE-2022-32607",
"lastModified": "2024-11-21T07:06:43.430",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-08T21:15:12.603",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una confusi\u00f3n de tipo. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07138435; ID de Incidencia: ALPS07138435"
}
],
"id": "CVE-2022-26435",
"lastModified": "2024-11-21T06:53:56.523",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.407",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704393"
}
],
"id": "CVE-2022-21779",
"lastModified": "2024-11-21T06:45:25.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.837",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259."
},
{
"lang": "es",
"value": "En ril, se presenta un posible bloqueo del sistema debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07257259; ID de Incidencia: ALPS07257259"
}
],
"id": "CVE-2022-32591",
"lastModified": "2024-11-21T07:06:41.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:14.823",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064."
},
{
"lang": "es",
"value": "En keyinstall, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07510064; ID del problema: ALPS07510064."
}
],
"id": "CVE-2022-32636",
"lastModified": "2024-11-21T07:06:46.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.587",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667."
}
],
"id": "CVE-2023-20753",
"lastModified": "2024-11-21T07:41:28.740",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.847",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827."
},
{
"lang": "es",
"value": "En Bluetooth, es posible que sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06126827; ID de Incidencia: ALPS06126827"
}
],
"id": "CVE-2022-20026",
"lastModified": "2024-11-21T06:41:58.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.947",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| mediatek | mt6771 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06511132; ID de Incidencia: ALPS06511132"
}
],
"id": "CVE-2022-21751",
"lastModified": "2024-11-21T06:45:22.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.803",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918."
},
{
"lang": "es",
"value": "En keyinstall, existe una posible corrupci\u00f3n de memoria debido a confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08157918; ID del problema: ALPS08157918."
}
],
"id": "CVE-2023-32835",
"lastModified": "2024-11-21T08:04:08.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-06T04:15:07.887",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646."
},
{
"lang": "es",
"value": "En ccci, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07138646; ID del problema: ALPS07138646."
}
],
"id": "CVE-2022-32634",
"lastModified": "2024-11-21T07:06:46.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:18.617",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260."
},
{
"lang": "es",
"value": "En video codec, se presenta una posible corrupci\u00f3n de memoria debido a una condici\u00f3n de carrera. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06521260; ID de Incidencia: ALPS06521260"
}
],
"id": "CVE-2022-26428",
"lastModified": "2024-11-21T06:53:55.630",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.077",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 21:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rdkcentral | rdk-b | 2022q3 | |
| android | 12.0 | ||
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*",
"matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only)."
}
],
"id": "CVE-2023-20725",
"lastModified": "2025-01-07T21:15:10.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:11.937",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-15 19:15
Modified
2024-11-21 05:43
Severity ?
Summary
In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | https://corp.mediatek.com/product-security-bulletin/December-2021 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://corp.mediatek.com/product-security-bulletin/December-2021 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 8.1 | ||
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6570 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8176 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "975802CC-B130-4CF3-9B8E-A23DEA464259",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8176:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5B22E8-3536-4DBC-8E71-3E14FE45A887",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258."
},
{
"lang": "es",
"value": "En el decodificador alac, existe una posible escritura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda llevar a una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID del parche: ALPS06064258; ID del problema: ALPS06064258"
}
],
"id": "CVE-2021-0675",
"lastModified": "2024-11-21T05:43:07.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-15T19:15:10.573",
"references": [
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351."
},
{
"lang": "es",
"value": "En Bluetooth, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06784351; ID de Incidencia: ALPS06784351"
}
],
"id": "CVE-2022-21768",
"lastModified": "2024-11-21T06:45:24.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.337",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820."
},
{
"lang": "es",
"value": "En preloader (usb), es posible que sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06160806; ID de Incidencia: ALPS06160820"
}
],
"id": "CVE-2022-20056",
"lastModified": "2024-11-21T06:42:02.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:05.983",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038."
},
{
"lang": "es",
"value": "En connsyslogger, se presenta un posible seguimiento de enlaces simb\u00f3licos debido a una resoluci\u00f3n inapropiada de enlaces. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06335038; ID de Incidencia: ALPS06335038"
}
],
"id": "CVE-2022-20050",
"lastModified": "2024-11-21T06:42:01.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:03.597",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 06:54
Severity ?
Summary
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095."
},
{
"lang": "es",
"value": "En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. Esto podr\u00eda conllevar a una escalada de privilegios local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07319095; ID de Incidencia: ALPS07319095"
}
],
"id": "CVE-2022-26472",
"lastModified": "2024-11-21T06:54:00.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:10.870",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202."
}
],
"id": "CVE-2023-20766",
"lastModified": "2024-11-21T07:41:29.787",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:10.287",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-08 15:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480."
}
],
"id": "CVE-2023-20732",
"lastModified": "2025-01-08T15:15:11.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:12.563",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061."
},
{
"lang": "es",
"value": "En alac decoder, se presenta una posible lectura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06366061; ID de Incidencia: ALPS06366061"
}
],
"id": "CVE-2022-20092",
"lastModified": "2024-11-21T06:42:08.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T20:15:08.490",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594."
},
{
"lang": "es",
"value": "En meta wifi, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con privilegios de ejecuci\u00f3n del sistema necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07453594; ID del problema: ALPS07453594."
}
],
"id": "CVE-2022-32641",
"lastModified": "2024-11-21T07:06:47.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.827",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:54
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada de privilegios local, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07168125; ID de Incidencia: ALPS07168125."
}
],
"id": "CVE-2022-26468",
"lastModified": "2024-11-21T06:54:00.417",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:12.577",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399901.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399901."
},
{
"lang": "es",
"value": "En ion, se presenta un posible uso de memoria previamente liberada debido a una condici\u00f3n de carrera. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06399915; ID de Incidencia: ALPS06399901"
}
],
"id": "CVE-2022-20110",
"lastModified": "2024-11-21T06:42:10.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T20:15:08.917",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt2601 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8672BC44-8E6C-4A5A-A817-28B7387542D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06160841; ID de Incidencia: ALPS06160841"
}
],
"id": "CVE-2022-20073",
"lastModified": "2024-11-21T06:42:05.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.147",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485."
}
],
"id": "CVE-2023-20657",
"lastModified": "2024-11-21T07:41:18.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.620",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6732 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6752 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22C2668D-7A14-42AA-A164-957FE78B9ABF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097."
},
{
"lang": "es",
"value": "En ims service, se presenta una posible escalada de privilegios debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06219097; ID de Incidencia: ALPS06219097"
}
],
"id": "CVE-2022-20053",
"lastModified": "2024-11-21T06:42:02.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:04.477",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905."
}
],
"id": "CVE-2023-20783",
"lastModified": "2024-11-21T07:41:31.147",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:12.793",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952."
}
],
"id": "CVE-2023-20664",
"lastModified": "2024-11-21T07:41:19.240",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.023",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951."
}
],
"id": "CVE-2023-20709",
"lastModified": "2024-11-21T07:41:23.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.073",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569."
}
],
"id": "CVE-2023-20675",
"lastModified": "2024-11-21T07:41:19.950",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.267",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741."
}
],
"id": "CVE-2023-20663",
"lastModified": "2024-11-21T07:41:19.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.973",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236."
}
],
"id": "CVE-2022-32595",
"lastModified": "2024-11-21T07:06:42.240",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:10.903",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872."
},
{
"lang": "es",
"value": "En WIFI Firmware, se presenta una posible corrupci\u00f3n de memoria debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada remota de privilegios, cuando los dispositivos son conectados al punto de acceso Wi-Fi controlado por el atacante, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06468872; ID de Incidencia: ALPS06468872"
}
],
"id": "CVE-2022-21745",
"lastModified": "2024-11-21T06:45:21.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.543",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083."
},
{
"lang": "es",
"value": "En ims service, se presenta una posible inyecci\u00f3n de comandos AT debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06219083; ID de Incidencia: ALPS06219083"
}
],
"id": "CVE-2022-20054",
"lastModified": "2024-11-21T06:42:02.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:05.043",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762."
},
{
"lang": "es",
"value": "En secmem, existe una posible corrupci\u00f3n de la memoria debido a una confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08161762; ID del problema: ALPS08161762."
}
],
"id": "CVE-2023-32834",
"lastModified": "2024-11-21T08:04:08.700",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-06T04:15:07.843",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6765 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418."
},
{
"lang": "es",
"value": "En mdp, se presenta una posible corrupci\u00f3n de memoria debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05836418; ID de Incidencia: ALPS05836418"
}
],
"id": "CVE-2022-20062",
"lastModified": "2024-11-21T06:42:03.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.720",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06160425; ID de Incidencia: ALPS06160425"
}
],
"id": "CVE-2022-20069",
"lastModified": "2024-11-21T06:42:04.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.993",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765."
}
],
"id": "CVE-2023-20662",
"lastModified": "2024-11-21T07:41:19.003",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.923",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6732 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6752 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22C2668D-7A14-42AA-A164-957FE78B9ABF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127."
},
{
"lang": "es",
"value": "En ims service, se presenta un posible comportamiento no esperado de la aplicaci\u00f3n debido a una asignaci\u00f3n de privilegios incorrecta. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06219127; ID de Incidencia: ALPS06219127"
}
],
"id": "CVE-2022-20051",
"lastModified": "2024-11-21T06:42:02.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:04.063",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 07:41
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786."
},
{
"lang": "es",
"value": "En seninf, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites omitida. Esto podr\u00eda llevar a una escalada local de privilegios con necesidad de privilegios de ejecuci\u00f3n del sistema. No es necesaria la interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07992786; ID de la incidencia: ALPS07992786."
}
],
"id": "CVE-2023-20837",
"lastModified": "2024-11-21T07:41:39.627",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-09-04T03:15:10.430",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 8.1 | ||
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6732 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6752 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22C2668D-7A14-42AA-A164-957FE78B9ABF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035"
},
{
"lang": "es",
"value": "En la aplicaci\u00f3n Browser, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a la falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n.Producto: AndroidVersiones: Android SoCAndroid ID: A-199678035"
}
],
"id": "CVE-2021-0672",
"lastModified": "2024-11-21T05:43:07.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:09.210",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2021-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2021-11-01"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 07:41
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 2.6 | |
| rdkcentral | rdk-b | 2022q3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt2713 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*",
"matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113."
},
{
"lang": "es",
"value": "En nvram, existe una posible escritura fuera de l\u00edmites debido a una inexistente comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda llevar a una escalada local de privilegios con necesidad de privilegios de ejecuci\u00f3n del sistema. No es necesaria la interacci\u00f3n del usuario para la explotaci\u00f3n. ID del parche: ALPS07937113; ID de la incidencia: ALPS07937113."
}
],
"id": "CVE-2023-20821",
"lastModified": "2024-11-21T07:41:36.663",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-09-04T03:15:08.480",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08308607; ID del problema: ALPS08304217."
}
],
"id": "CVE-2023-32875",
"lastModified": "2024-11-21T08:04:14.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:07.883",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 21:15
Modified
2024-11-21 07:41
Severity ?
Summary
In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460."
}
],
"id": "CVE-2023-20628",
"lastModified": "2024-11-21T07:41:15.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T21:15:10.730",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08308607; ID del problema: ALPS08308607."
}
],
"id": "CVE-2023-32872",
"lastModified": "2024-11-21T08:04:14.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:07.790",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6789 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| linux | linux_kernel | 4.19 | |
| mediatek | mt5521 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*",
"matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "924A5491-E491-4570-ACA5-75B1B2BB736D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900."
}
],
"id": "CVE-2023-20715",
"lastModified": "2025-01-07T19:15:29.033",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:11.397",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6789 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| linuxfoundation | iot-yocto | 22.2 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*",
"matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883."
}
],
"id": "CVE-2023-20716",
"lastModified": "2025-01-07T19:15:29.203",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:11.557",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826."
},
{
"lang": "es",
"value": "En Bluetooth, es posible que sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06126826; ID de Incidencia: ALPS06126826"
}
],
"id": "CVE-2022-20027",
"lastModified": "2024-11-21T06:41:58.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.990",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450."
},
{
"lang": "es",
"value": "En MDP, Se presenta un posible uso de memoria previamente liberada debido a una condici\u00f3n de carrera. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06545450; ID de Incidencia: ALPS06545450"
}
],
"id": "CVE-2022-21776",
"lastModified": "2024-11-21T06:45:24.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.740",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7933 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727F29FD-E8DA-46F1-9C98-9D194E981E38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605."
}
],
"id": "CVE-2023-20682",
"lastModified": "2024-11-21T07:41:20.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.560",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt5522 | - | |
| mediatek | mt5527 | - | |
| mediatek | mt5597 | - | |
| mediatek | mt5598 | - | |
| mediatek | mt5599 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt9256 | - | |
| mediatek | mt9285 | - | |
| mediatek | mt9286 | - | |
| mediatek | mt9288 | - | |
| mediatek | mt9629 | - | |
| mediatek | mt9631 | - | |
| mediatek | mt9632 | - | |
| mediatek | mt9636 | - | |
| mediatek | mt9638 | - | |
| mediatek | mt9639 | - | |
| mediatek | mt9650 | - | |
| mediatek | mt9652 | - | |
| mediatek | mt9669 | - | |
| mediatek | mt9670 | - | |
| mediatek | mt9675 | - | |
| mediatek | mt9685 | - | |
| mediatek | mt9686 | - | |
| mediatek | mt9688 | - | |
| mediatek | mt9931 | - | |
| mediatek | mt9950 | - | |
| mediatek | mt9970 | - | |
| mediatek | mt9980 | - | |
| mediatek | mt9981 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C38B265-3EE8-417C-9D59-6182939ED27E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC084C16-6693-4FEA-9BDD-B633EAA3E432",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381."
},
{
"lang": "es",
"value": "En asf extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento del b\u00fafer de la pila. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05489178; ID del Problema: ALPS05561381."
}
],
"id": "CVE-2021-0620",
"lastModified": "2024-11-21T05:43:01.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.100",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148."
}
],
"id": "CVE-2023-20697",
"lastModified": "2024-11-21T07:41:22.407",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:10.603",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655."
}
],
"id": "CVE-2023-20708",
"lastModified": "2024-11-21T07:41:23.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.033",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715."
},
{
"lang": "es",
"value": "En atf (spm), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06171715; ID de Incidencia: ALPS06171715"
}
],
"id": "CVE-2022-20063",
"lastModified": "2024-11-21T06:42:03.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.760",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118."
},
{
"lang": "es",
"value": "En search engine service, se presenta la posibilidad de cambiar el motor de b\u00fasqueda predeterminado debido a una comparaci\u00f3n incorrecta. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06219118; ID de Incidencia: ALPS06219118"
}
],
"id": "CVE-2022-20072",
"lastModified": "2024-11-21T06:42:04.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.110",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-697"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07032553; ID de incidencia: ALPS07032553"
}
],
"id": "CVE-2022-26431",
"lastModified": "2024-11-21T06:53:55.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.230",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| linux | linux_kernel | 4.19 | |
| mediatek | mt2713 | - | |
| mediatek | mt5221 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8188t | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*",
"matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212."
},
{
"lang": "es",
"value": "En el controlador Bluetooth, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda dar lugar a una fuga de informaci\u00f3n local con privilegios de ejecuci\u00f3n del sistema necesarios. No es necesaria la interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07867212; ID de la incidencia: LPS07867212. "
}
],
"id": "CVE-2023-32810",
"lastModified": "2024-11-21T08:04:04.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-04T03:15:13.223",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705."
},
{
"lang": "es",
"value": "En ion driver, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06171705; ID de Incidencia: ALPS06171705"
}
],
"id": "CVE-2022-20037",
"lastModified": "2024-11-21T06:42:00.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.393",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6731 | - | |
| mediatek | mt6732 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6752 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22C2668D-7A14-42AA-A164-957FE78B9ABF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible lectura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06545464; ID de incidencia: ALPS06545464"
}
],
"id": "CVE-2022-21755",
"lastModified": "2024-11-21T06:45:22.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.973",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415."
},
{
"lang": "es",
"value": "En cta, se presenta una posible forma de escribir registros de uso de permisos de una aplicaci\u00f3n debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07025415; ID de Incidencia: ALPS07025415"
}
],
"id": "CVE-2022-26429",
"lastModified": "2024-11-21T06:53:55.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.127",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-02 03:15
Modified
2024-11-21 08:04
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544."
},
{
"lang": "es",
"value": "En camera middleware, existe una posible escritura fuera de l\u00edmites debido a una validaci\u00f3n de entrada faltante. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07993539; ID del problema: ALPS07993544."
}
],
"id": "CVE-2023-32826",
"lastModified": "2024-11-21T08:04:07.340",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-02T03:15:10.050",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta un posible bloqueo del servicio debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06126814; ID de Incidencia: ALPS06126814"
}
],
"id": "CVE-2022-20044",
"lastModified": "2024-11-21T06:42:01.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.670",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 07:41
Severity ?
Summary
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| linux | linux_kernel | 4.19 | |
| mediatek | mt2713 | - | |
| mediatek | mt5221 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8188t | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*",
"matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418."
},
{
"lang": "es",
"value": "En imgsys, existe una posible lectura fuera de l\u00edmites debido a una condici\u00f3n de carrera. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n del sistema necesarios. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS07326455; ID del problema: ALPS07326418."
}
],
"id": "CVE-2023-20838",
"lastModified": "2024-11-21T07:41:39.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-04T03:15:10.560",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-02 05:15
Modified
2024-09-05 14:26
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/September-2024 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550."
},
{
"lang": "es",
"value": "En vdec, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una escalada local de privilegios, siendo necesarios los privilegios de ejecuci\u00f3n de System. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08932916; ID de problema: MSV-1550."
}
],
"id": "CVE-2024-20087",
"lastModified": "2024-09-05T14:26:51.497",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-09-02T05:15:15.110",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06521283; ID de incidencia: ALPS06521283"
}
],
"id": "CVE-2022-21750",
"lastModified": "2024-11-21T06:45:21.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.763",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663."
},
{
"lang": "es",
"value": "En Bluetooth, es posible que sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06198663; ID de Incidencia: ALPS06198663"
}
],
"id": "CVE-2022-20028",
"lastModified": "2024-11-21T06:41:58.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.030",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830."
},
{
"lang": "es",
"value": "En preloader (usb), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06160806; ID de Incidencia: ALPS06160830"
}
],
"id": "CVE-2022-20055",
"lastModified": "2024-11-21T06:42:02.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:05.580",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832."
},
{
"lang": "es",
"value": "En Bluetooth, es posible que sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06126832; ID de Incidencia: ALPS06126832"
}
],
"id": "CVE-2022-20025",
"lastModified": "2024-11-21T06:41:58.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.907",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894."
},
{
"lang": "es",
"value": "En WIFI Firmware, se presenta un posible bloqueo del sistema debido a una falta de comprobaci\u00f3n del recuento. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06468894; ID de incidencia: ALPS06468894"
}
],
"id": "CVE-2022-21757",
"lastModified": "2024-11-21T06:45:22.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:09.057",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6877 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363."
},
{
"lang": "es",
"value": "En WLAN driver, Se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06807363; ID de Incidencia: ALPS06807363"
}
],
"id": "CVE-2022-21785",
"lastModified": "2024-11-21T06:45:25.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:18.127",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8127 | - | |
| mediatek | mt8135 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8176 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8312c | - | |
| mediatek | mt8312d | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8382 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8389 | - | |
| mediatek | mt8392 | - | |
| mediatek | mt8392_90 | - | |
| mediatek | mt8665 | - | |
| mediatek | mt8685 | - | |
| mediatek | mt8693 | - | |
| mediatek | mt8735 | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8735m | - | |
| mediatek | mt8752 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8783 | - | |
| mediatek | mt8785 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8127:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7BDC63-3963-4C4D-B547-2936006926E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182A995C-2453-4DF2-ABCC-A885D8C334C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8176:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5B22E8-3536-4DBC-8E71-3E14FE45A887",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8312c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39915BEC-73D4-46B7-B52C-CED910AF3CA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8312d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF828C6-4B05-4E12-9B78-782F1F062F39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8382:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B7F410-9623-4878-AF8B-CB1E68B9C555",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8389:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E84418-3D52-4C5B-919A-2C3EA3A20BC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8392:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FE1D80-FBA8-452B-AAD1-A7BC430B44B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8392_90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB784A7D-1B24-48FC-BC42-0F646BBD0B58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8665:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367725BC-DE40-40F1-A59A-C4286CA9C0D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED17AD2-3B65-48EE-A56E-FEA4A5F38B8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8693:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA2890F-59A8-4CAB-BDFA-883F8A38CE4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "433723EF-FB44-4233-B334-AB9C9D9B0AFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A91F81E5-29D3-4BA7-9476-EBD644F7E4F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FC505E-CF02-4F29-8D17-0E0C05433B0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FD7E95-F0D4-492E-BB92-2597FB9D2884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "584F2DD7-F353-4156-BFAB-AE6DF5BB9251",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556."
},
{
"lang": "es",
"value": "En ged, se presenta una posible corrupci\u00f3n de memoria debido a un manejo de errores incorrecto. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05838808; ID de Incidencia: ALPS05839556"
}
],
"id": "CVE-2022-20076",
"lastModified": "2024-11-21T06:42:06.087",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.270",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571."
}
],
"id": "CVE-2023-20612",
"lastModified": "2024-11-21T07:41:13.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:14.863",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt6880 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only)."
}
],
"id": "CVE-2023-20696",
"lastModified": "2024-11-21T07:41:22.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:10.563",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS06399915."
},
{
"lang": "es",
"value": "En ion, se presenta un posible uso de memoria previamente liberada debido a la actualizaci\u00f3n inapropiada del recuento de referencias. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06399915; ID de Incidencia: ALPS06399915"
}
],
"id": "CVE-2022-20109",
"lastModified": "2024-11-21T06:42:10.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T20:15:08.870",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613."
},
{
"lang": "es",
"value": "En Wi-Fi, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07453613; ID del problema: ALPS07453613."
}
],
"id": "CVE-2022-32631",
"lastModified": "2024-11-21T07:06:46.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:18.467",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07138450; ID de incidencia: ALPS07138450"
}
],
"id": "CVE-2022-26434",
"lastModified": "2024-11-21T06:53:56.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.360",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493873.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493873."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06493873; ID de Incidencia: ALPS06493873"
}
],
"id": "CVE-2022-21752",
"lastModified": "2024-11-21T06:45:22.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.847",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652."
},
{
"lang": "es",
"value": "En decoder, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08016652; ID del problema: ALPS08016652."
}
],
"id": "CVE-2023-32851",
"lastModified": "2024-11-21T08:04:11.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.857",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642."
},
{
"lang": "es",
"value": "En mdp, se presenta una posible corrupci\u00f3n de memoria debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05836642; ID de Incidencia: ALPS05836642"
}
],
"id": "CVE-2022-20052",
"lastModified": "2024-11-21T06:42:02.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:18.667",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una confusi\u00f3n de tipo. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07032521; ID de incidencia: ALPS07032521"
}
],
"id": "CVE-2022-26430",
"lastModified": "2024-11-21T06:53:55.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.183",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6630 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt7662t | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8362b | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC85BBB-5985-41A1-B19F-1C580C367B64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7662t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331F3A6-E176-4EA5-B253-D5B03945C2B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "739BE124-C307-41B2-8E92-C223FE67F88A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta una posible desconexi\u00f3n del enlace debido a que bluetooth no maneja apropiadamente un intento de conexi\u00f3n desde un host con la misma direcci\u00f3n BD que el host BT actualmente conectado. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota de bluetooth sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06198578; ID de Incidencia: ALPS06198578"
}
],
"id": "CVE-2022-20022",
"lastModified": "2024-11-21T06:41:58.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.653",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413."
}
],
"id": "CVE-2023-20659",
"lastModified": "2024-11-21T07:41:18.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.763",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213."
},
{
"lang": "es",
"value": "En Widevine, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07446213; ID del problema: ALPS07446213."
}
],
"id": "CVE-2022-32596",
"lastModified": "2024-11-21T07:06:42.370",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:17.787",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8127 | - | |
| mediatek | mt8135 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8176 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8312c | - | |
| mediatek | mt8312d | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8382 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8389 | - | |
| mediatek | mt8392 | - | |
| mediatek | mt8392_90 | - | |
| mediatek | mt8665 | - | |
| mediatek | mt8685 | - | |
| mediatek | mt8693 | - | |
| mediatek | mt8735 | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8735m | - | |
| mediatek | mt8752 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8783 | - | |
| mediatek | mt8785 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8127:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7BDC63-3963-4C4D-B547-2936006926E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182A995C-2453-4DF2-ABCC-A885D8C334C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8176:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5B22E8-3536-4DBC-8E71-3E14FE45A887",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8312c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39915BEC-73D4-46B7-B52C-CED910AF3CA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8312d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF828C6-4B05-4E12-9B78-782F1F062F39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8382:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B7F410-9623-4878-AF8B-CB1E68B9C555",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8389:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E84418-3D52-4C5B-919A-2C3EA3A20BC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8392:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FE1D80-FBA8-452B-AAD1-A7BC430B44B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8392_90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB784A7D-1B24-48FC-BC42-0F646BBD0B58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8665:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367725BC-DE40-40F1-A59A-C4286CA9C0D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED17AD2-3B65-48EE-A56E-FEA4A5F38B8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8693:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA2890F-59A8-4CAB-BDFA-883F8A38CE4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "433723EF-FB44-4233-B334-AB9C9D9B0AFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A91F81E5-29D3-4BA7-9476-EBD644F7E4F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FC505E-CF02-4F29-8D17-0E0C05433B0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FD7E95-F0D4-492E-BB92-2597FB9D2884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "584F2DD7-F353-4156-BFAB-AE6DF5BB9251",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808."
},
{
"lang": "es",
"value": "En ged, se presenta una posible escritura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05838808; ID de Incidencia: ALPS05838808"
}
],
"id": "CVE-2022-20075",
"lastModified": "2024-11-21T06:42:05.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.227",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782."
}
],
"id": "CVE-2023-20661",
"lastModified": "2024-11-21T07:41:18.897",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.870",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:45
Modified
2024-11-21 06:42
Severity ?
Summary
In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679."
},
{
"lang": "es",
"value": "En vpu, se presenta una posible escalada de privilegios debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS05954679; ID de Incidencia: ALPS05954679"
}
],
"id": "CVE-2022-20049",
"lastModified": "2024-11-21T06:42:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:45:03.110",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/March-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731."
}
],
"id": "CVE-2023-20691",
"lastModified": "2024-11-21T07:41:21.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.670",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659."
},
{
"lang": "es",
"value": "En decoder, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08016659; ID del problema: ALPS08016659."
}
],
"id": "CVE-2023-32850",
"lastModified": "2024-11-21T08:04:11.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.807",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6765 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991."
},
{
"lang": "es",
"value": "En ion driver, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05862991; ID de Incidencia: ALPS05862991"
}
],
"id": "CVE-2022-20017",
"lastModified": "2024-11-21T06:41:57.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.823",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207."
},
{
"lang": "es",
"value": "En Widevine, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07446207; ID del problema: ALPS07446207."
}
],
"id": "CVE-2022-32594",
"lastModified": "2024-11-21T07:06:42.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:17.737",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-02 03:15
Modified
2024-11-21 08:04
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539."
},
{
"lang": "es",
"value": "En camera middleware, existe una posible escritura fuera de l\u00edmites debido a una validaci\u00f3n de entrada faltante. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07993539; ID del problema: ALPS07993539."
}
],
"id": "CVE-2023-32827",
"lastModified": "2024-11-21T08:04:07.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-02T03:15:10.097",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158."
},
{
"lang": "es",
"value": "En ccu, se presenta una posible corrupci\u00f3n de memoria debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada de privilegios local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05827158; ID del Problema: ALPS05827158."
}
],
"id": "CVE-2021-0664",
"lastModified": "2024-11-21T05:43:06.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.770",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988."
},
{
"lang": "es",
"value": "En flv extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento del b\u00fafer de la pila. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05594988; ID del Problema: ALPS05594988."
}
],
"id": "CVE-2021-0624",
"lastModified": "2024-11-21T05:43:02.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.343",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt5221_firmware | 7.6.6.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| mediatek | mt7663_firmware | 7.6.6.0 | |
| mediatek | mt7663 | - | |
| mediatek | mt7668_firmware | 7.6.6.0 | |
| mediatek | mt7668 | - | |
| mediatek | mt7682_firmware | 7.6.6.0 | |
| mediatek | mt7682 | - | |
| mediatek | mt7686_firmware | 7.6.6.0 | |
| mediatek | mt7686 | - | |
| mediatek | mt7687_firmware | 7.6.6.0 | |
| mediatek | mt7687 | - | |
| mediatek | mt7697_firmware | 7.6.6.0 | |
| mediatek | mt7697 | - | |
| mediatek | mt7902_firmware | 7.6.6.0 | |
| mediatek | mt7902 | - | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| mediatek | mt7921_firmware | 7.6.6.0 | |
| mediatek | mt7921 | - | |
| mediatek | mt7933_firmware | 7.6.6.0 | |
| mediatek | mt7933 | - | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - | |
| mediatek | mt8167s_firmware | 7.6.6.0 | |
| mediatek | mt8167s | - | |
| mediatek | mt8175_firmware | 7.6.6.0 | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a_firmware | 7.6.6.0 | |
| mediatek | mt8362a | - | |
| mediatek | mt8365_firmware | 7.6.6.0 | |
| mediatek | mt8365 | - | |
| mediatek | mt8385_firmware | 7.6.6.0 | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s_firmware | 7.6.6.0 | |
| mediatek | mt8518s | - | |
| mediatek | mt8532_firmware | 7.6.6.0 | |
| mediatek | mt8532 | - | |
| mediatek | mt8695_firmware | 7.6.6.0 | |
| mediatek | mt8695 | - | |
| mediatek | mt8696_firmware | 7.6.6.0 | |
| mediatek | mt8696 | - | |
| mediatek | mt8788_firmware | 7.6.6.0 | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7D50BA-4588-406B-9873-EB067B1FADC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "188DCE87-D893-4109-B946-5A943723021E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1144B15B-0F33-4622-9534-D22741EA6C4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "572E4322-E017-4298-B34D-F54CB43E599F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D94F1C2D-5749-4BD7-916A-416A88AA858F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9371F16-8A35-4052-BF0A-500F6042FFBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C293668-B45D-4576-8B25-5B5BCD983891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
"matchCriteriaId": "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B75820B-B73F-47AB-A25A-4A624767B740",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5414D487-223D-4195-AEA6-429AD30DFCE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B70678B8-78D6-4651-BE58-44374273F3FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14734451-2D61-4EB5-8BB2-414E2BEDC534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED333D7-1DF2-48EB-8617-16D604070D9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727F29FD-E8DA-46F1-9C98-9D194E981E38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81B46566-AE03-4B6B-8B25-13621A060156",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A30F15-0654-4479-8944-6AF67F610AF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A937256-84A3-48A8-BF28-14C87B09EB6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60521D31-F322-4740-9F8F-F16D76902BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF834C63-5493-480D-9803-9C2FAA6F41AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028."
}
],
"id": "CVE-2022-32655",
"lastModified": "2024-11-21T07:06:49.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:11.107",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2713 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940."
},
{
"lang": "es",
"value": "En audio, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08241940; ID del problema: ALPS08241940."
}
],
"id": "CVE-2023-32847",
"lastModified": "2024-11-21T08:04:10.647",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T04:15:07.663",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675."
},
{
"lang": "es",
"value": "En vcu driver, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada local de privilegios con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06171675; ID de Incidencia: ALPS06171675"
}
],
"id": "CVE-2022-20035",
"lastModified": "2024-11-21T06:41:59.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.313",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-17 17:15
Modified
2024-11-21 05:43
Severity ?
Summary
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 8.1 | ||
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6570 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8176 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "975802CC-B130-4CF3-9B8E-A23DEA464259",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8176:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5B22E8-3536-4DBC-8E71-3E14FE45A887",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237."
},
{
"lang": "es",
"value": "En el descodificador alac, se presenta una posible lectura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06064258; ID de Incidencia: ALPS06064237"
}
],
"id": "CVE-2021-0674",
"lastModified": "2024-11-21T05:43:07.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-17T17:15:10.793",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899."
},
{
"lang": "es",
"value": "En WLAN driver, es posible que se produzca una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06493873; ID de incidencia: ALPS06493899"
}
],
"id": "CVE-2022-21753",
"lastModified": "2024-11-21T06:45:22.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.890",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 4.0 | |
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711."
}
],
"id": "CVE-2023-20693",
"lastModified": "2024-11-21T07:41:21.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.760",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228."
},
{
"lang": "es",
"value": "En Widevine, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07446228; ID del problema: ALPS07446228."
}
],
"id": "CVE-2022-32598",
"lastModified": "2024-11-21T07:06:42.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:17.890",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518."
}
],
"id": "CVE-2023-20676",
"lastModified": "2024-11-21T07:41:20.067",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.313",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652."
},
{
"lang": "es",
"value": "En meta wifi, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con privilegios de ejecuci\u00f3n del sistema necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07441652; ID del problema: ALPS07441652."
}
],
"id": "CVE-2022-32640",
"lastModified": "2024-11-21T07:06:47.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.777",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
Summary
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible escalada de privilegios debido a confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08358560; ID del problema: ALPS08358560."
}
],
"id": "CVE-2024-20010",
"lastModified": "2024-11-21T08:51:47.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-05T06:15:47.387",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 06:54
Severity ?
Summary
In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121."
},
{
"lang": "es",
"value": "En telephony, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. Esto podr\u00eda conllevar a una escalada de privilegios local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07319121; ID de Incidencia: ALPS07319121"
}
],
"id": "CVE-2022-26471",
"lastModified": "2024-11-21T06:54:00.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:10.777",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704508"
}
],
"id": "CVE-2022-21782",
"lastModified": "2024-11-21T06:45:25.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.970",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-08 15:15
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495."
}
],
"id": "CVE-2023-20731",
"lastModified": "2025-01-08T15:15:10.950",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:12.413",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906."
},
{
"lang": "es",
"value": "En libvcodecdrv, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05943906; ID de Incidencia: ALPS05943906"
}
],
"id": "CVE-2022-20020",
"lastModified": "2024-11-21T06:41:57.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.547",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:41
Severity ?
Summary
In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171689; Issue ID: ALPS06171689.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6758 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171689; Issue ID: ALPS06171689."
},
{
"lang": "es",
"value": "En ion driver, se presenta una posible divulgaci\u00f3n de informaci\u00f3n debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local remota sin ser requeridos privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06171689; ID de Incidencia: ALPS06171689"
}
],
"id": "CVE-2022-20036",
"lastModified": "2024-11-21T06:41:59.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.353",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
Summary
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| android | 14.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608."
},
{
"lang": "es",
"value": "En keyInstall, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08471742; ID del problema: ALPS08308608."
}
],
"id": "CVE-2024-20013",
"lastModified": "2024-11-21T08:51:47.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-05T06:15:47.530",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462."
},
{
"lang": "es",
"value": "En WLAN driver, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS06704526; ID de incidencia: ALPS06704462"
}
],
"id": "CVE-2022-21784",
"lastModified": "2024-11-21T06:45:25.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:18.070",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 19:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 13.0 | ||
| mediatek | mt6789 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926."
}
],
"id": "CVE-2023-20749",
"lastModified": "2025-01-07T19:15:29.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:15.023",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:54
Severity ?
Summary
In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738."
},
{
"lang": "es",
"value": "En rpmb, se presenta una posible escritura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una escalada de privilegios local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07167738; ID de Incidencia: ALPS07167738."
}
],
"id": "CVE-2022-26467",
"lastModified": "2024-11-21T06:54:00.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:12.540",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6855 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405."
},
{
"lang": "es",
"value": "En cpu dvfs, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07139405; ID de Incidencia: ALPS07139405"
}
],
"id": "CVE-2022-32592",
"lastModified": "2024-11-21T07:06:41.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:14.880",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2715 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2715:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA252F20-1BB7-4654-972C-F257F37396A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821."
}
],
"id": "CVE-2023-20688",
"lastModified": "2024-11-21T07:41:21.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.810",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668."
}
],
"id": "CVE-2023-20711",
"lastModified": "2024-11-21T07:41:24.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.150",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt5522 | - | |
| mediatek | mt5527 | - | |
| mediatek | mt5597 | - | |
| mediatek | mt5598 | - | |
| mediatek | mt5599 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt9256 | - | |
| mediatek | mt9285 | - | |
| mediatek | mt9286 | - | |
| mediatek | mt9288 | - | |
| mediatek | mt9629 | - | |
| mediatek | mt9631 | - | |
| mediatek | mt9632 | - | |
| mediatek | mt9636 | - | |
| mediatek | mt9638 | - | |
| mediatek | mt9639 | - | |
| mediatek | mt9650 | - | |
| mediatek | mt9652 | - | |
| mediatek | mt9669 | - | |
| mediatek | mt9670 | - | |
| mediatek | mt9675 | - | |
| mediatek | mt9685 | - | |
| mediatek | mt9686 | - | |
| mediatek | mt9688 | - | |
| mediatek | mt9931 | - | |
| mediatek | mt9950 | - | |
| mediatek | mt9970 | - | |
| mediatek | mt9980 | - | |
| mediatek | mt9981 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C38B265-3EE8-417C-9D59-6182939ED27E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC084C16-6693-4FEA-9BDD-B633EAA3E432",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388."
},
{
"lang": "es",
"value": "En asf extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento del b\u00fafer de la pila. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05489178; ID del Problema: ALPS05561388."
}
],
"id": "CVE-2021-0622",
"lastModified": "2024-11-21T05:43:02.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.230",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8791 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487."
}
],
"id": "CVE-2022-32639",
"lastModified": "2024-11-21T07:06:47.363",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.733",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt2601 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6795 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6799 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8672BC44-8E6C-4A5A-A817-28B7387542D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
"matchCriteriaId": "809FEAD7-F02B-48A9-B442-28B46C7806C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032."
},
{
"lang": "es",
"value": "En sched driver, Se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06479032; ID de incidencia: ALPS06479032"
}
],
"id": "CVE-2022-21775",
"lastModified": "2024-11-21T06:45:24.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.693",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308."
},
{
"lang": "es",
"value": "En el controlador vow, se presenta una posible corrupci\u00f3n de la memoria debido a una comprobaci\u00f3n de entrada inapropiada. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05857308; ID de Incidencia: ALPS05857308"
}
],
"id": "CVE-2022-20014",
"lastModified": "2024-11-21T06:41:56.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.287",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605."
}
],
"id": "CVE-2023-20755",
"lastModified": "2024-11-21T07:41:28.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.940",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2713 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8195z | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8755 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8775 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B3A37B9-F500-4B3C-B77C-B2BD7B015154",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF88096-5CBD-4A4B-8F47-33D38985956F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5FB550-7264-4879-BAF9-6798949113AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011."
},
{
"lang": "es",
"value": "En netdagent, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07944011; ID del problema: ALPS07944011."
}
],
"id": "CVE-2023-32884",
"lastModified": "2024-11-21T08:04:16.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.303",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-07 03:15
Modified
2024-10-27 03:35
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/October-2024 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701."
},
{
"lang": "es",
"value": "En vdec, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09028313; ID de problema: MSV-1701."
}
],
"id": "CVE-2024-20091",
"lastModified": "2024-10-27T03:35:01.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-07T03:15:02.583",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta una posible corrupci\u00f3n de memoria debido a un error l\u00f3gico. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06142410; ID de Incidencia: ALPS06142410"
}
],
"id": "CVE-2022-20046",
"lastModified": "2024-11-21T06:42:01.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.747",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt5522 | - | |
| mediatek | mt5527 | - | |
| mediatek | mt5597 | - | |
| mediatek | mt5598 | - | |
| mediatek | mt5599 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8186 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt9256 | - | |
| mediatek | mt9285 | - | |
| mediatek | mt9286 | - | |
| mediatek | mt9288 | - | |
| mediatek | mt9629 | - | |
| mediatek | mt9631 | - | |
| mediatek | mt9632 | - | |
| mediatek | mt9636 | - | |
| mediatek | mt9638 | - | |
| mediatek | mt9639 | - | |
| mediatek | mt9650 | - | |
| mediatek | mt9652 | - | |
| mediatek | mt9669 | - | |
| mediatek | mt9670 | - | |
| mediatek | mt9675 | - | |
| mediatek | mt9685 | - | |
| mediatek | mt9686 | - | |
| mediatek | mt9688 | - | |
| mediatek | mt9931 | - | |
| mediatek | mt9950 | - | |
| mediatek | mt9970 | - | |
| mediatek | mt9980 | - | |
| mediatek | mt9981 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C38B265-3EE8-417C-9D59-6182939ED27E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC084C16-6693-4FEA-9BDD-B633EAA3E432",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4932D34-06F4-49D7-81FB-772A82E8A5B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
},
{
"lang": "es",
"value": "En asf extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05489178; ID del Problema: ALPS05585817."
}
],
"id": "CVE-2021-0623",
"lastModified": "2024-11-21T05:43:02.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.280",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301."
},
{
"lang": "es",
"value": "En preloader (partition), se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios, para un atacante que tenga acceso f\u00edsico al dispositivo, sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06183301; ID de Incidencia: ALPS06183301"
}
],
"id": "CVE-2022-20074",
"lastModified": "2024-11-21T06:42:05.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.187",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-03 21:15
Modified
2024-11-21 06:42
Severity ?
Summary
In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6797 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069."
},
{
"lang": "es",
"value": "En ion, se presenta un posible uso de memoria previamente liberada debido a un manejo incorrecto de errores. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS06366069; ID de Incidencia: ALPS06366069"
}
],
"id": "CVE-2022-20111",
"lastModified": "2024-11-21T06:42:10.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-03T21:15:09.300",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 21:15
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| linuxfoundation | yocto | 4.0 | |
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603."
}
],
"id": "CVE-2023-20728",
"lastModified": "2025-01-07T21:15:10.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:12.070",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935."
}
],
"id": "CVE-2023-20710",
"lastModified": "2024-11-21T07:41:23.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:11.113",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486."
},
{
"lang": "es",
"value": "En camera isp, se presenta una posible escritura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites que falta. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07085486; ID de Incidencia: ALPS07085486"
}
],
"id": "CVE-2022-26426",
"lastModified": "2024-11-21T06:53:55.420",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:08.980",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2715 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2715:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA252F20-1BB7-4654-972C-F257F37396A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710."
}
],
"id": "CVE-2023-20670",
"lastModified": "2024-11-21T07:41:19.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.183",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615."
}
],
"id": "CVE-2023-20614",
"lastModified": "2024-11-21T07:41:13.817",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:14.957",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6630 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755s | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt7662t | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7915 | - | |
| mediatek | mt7920 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt7922 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8362b | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC85BBB-5985-41A1-B19F-1C580C367B64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7662t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331F3A6-E176-4EA5-B253-D5B03945C2B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140DAC08-96E9-47D3-BC2E-65E999DCFD50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA2A6813-7138-441E-A9E4-FF62FCBD797A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "739BE124-C307-41B2-8E92-C223FE67F88A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta un posible bloqueo de la aplicaci\u00f3n debido a que bluetooth inunda un dispositivo con el paquete LMP_AU_rand. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota de bluetooth sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06198608; ID de Incidencia: ALPS06198608"
}
],
"id": "CVE-2022-20023",
"lastModified": "2024-11-21T06:41:58.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.703",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-17 17:15
Modified
2024-11-21 05:43
Severity ?
Summary
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 8.1 | ||
| android | 9.0 | ||
| android | 10.0 | ||
| android | 11.0 | ||
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8735a | - | |
| mediatek | mt8735b | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009."
},
{
"lang": "es",
"value": "En el controlador geniezone, se presenta una posible lectura fuera de l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites incorrecta. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05863009; ID de Incidencia: ALPS05863009"
}
],
"id": "CVE-2021-0676",
"lastModified": "2024-11-21T05:43:07.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-17T17:15:10.933",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt5221_firmware | 7.6.6.1 | |
| mediatek | mt5221 | - | |
| mediatek | mt7603_firmware | 7.6.6.1 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.1 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.1 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.1 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.1 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.1 | |
| mediatek | mt7629 | - | |
| mediatek | mt7668_firmware | 7.6.6.1 | |
| mediatek | mt7668 | - | |
| mediatek | mt7902_firmware | 7.6.6.1 | |
| mediatek | mt7902 | - | |
| mediatek | mt7915_firmware | 7.6.6.1 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.1 | |
| mediatek | mt7916 | - | |
| mediatek | mt7921_firmware | 7.6.6.1 | |
| mediatek | mt7921 | - | |
| mediatek | mt7981_firmware | 7.6.6.1 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.1 | |
| mediatek | mt7986 | - | |
| mediatek | mt8167s_firmware | 7.6.6.1 | |
| mediatek | mt8167s | - | |
| mediatek | mt8175_firmware | 7.6.6.1 | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a_firmware | 7.6.6.1 | |
| mediatek | mt8362a | - | |
| mediatek | mt8365_firmware | 7.6.6.1 | |
| mediatek | mt8365 | - | |
| mediatek | mt8385_firmware | 7.6.6.1 | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s_firmware | 7.6.6.1 | |
| mediatek | mt8518s | - | |
| mediatek | mt8532_firmware | 7.6.6.1 | |
| mediatek | mt8532 | - | |
| mediatek | mt8788_firmware | 7.6.6.1 | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA350781-A776-48D1-A9C3-1EB32DC152D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44F24643-4E2F-49A1-8FE9-8B2105C87CC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C76FDEBB-51AF-4367-9669-172D4803E11E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1B95AE-F68D-4E3E-BD71-460576776218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5423C5-3A3D-4496-B8D6-857C90329CEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2CC90E-F75D-40DC-894E-9AF171338FD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2159C96A-299E-4636-B129-2BEAC9B607DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF127C7A-44E3-441A-AD95-63DE93C7E9EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6864912-841E-41A4-9E30-6E8CA2B6F44D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEC60B1-A589-4BC4-80A8-ED1D3B2F38AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B562C9FF-8527-4D48-8DCE-A30F6E2CC10A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B48743A-911C-4B44-9042-A7BFA9B5C53E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A83A21DA-8E3E-43A4-99E8-0AFC84A172BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1983D4-082C-4C29-BDAA-13A5BAE02E6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCA0B42-B959-40A0-8403-4DD5C823E0B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2EFD461-3F8E-40F9-AE7F-9E9729C7ED83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E6861E-4197-42A4-A411-2A8E0085E4D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAC8D2E-19F2-4559-B57A-35BFA1736AB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F716928E-BC95-48F2-AF07-CBD5CA9E72D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F370BA-2715-45EC-8F15-2325EAEDAD1C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA0C430-BC99-4736-978E-3BD91AA049BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "733A3CF0-CF17-412E-A93D-E8E093EB334D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014."
}
],
"id": "CVE-2022-32663",
"lastModified": "2024-11-21T07:06:50.210",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:11.203",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-02 05:15
Modified
2024-09-05 14:26
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/September-2024 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551."
},
{
"lang": "es",
"value": "En vdec, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una escalada local de privilegios, siendo necesarios los privilegios de ejecuci\u00f3n de System. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08932916; ID de problema: MSV-1551."
}
],
"id": "CVE-2024-20086",
"lastModified": "2024-09-05T14:26:34.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-09-02T05:15:15.020",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953."
},
{
"lang": "es",
"value": "En WLAN driver, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06535953; ID de incidencia: ALPS06535953"
}
],
"id": "CVE-2022-21754",
"lastModified": "2024-11-21T06:45:22.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:08.933",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735."
}
],
"id": "CVE-2023-20690",
"lastModified": "2024-11-21T07:41:21.613",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.620",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 06:54
Severity ?
Summary
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8512a | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8512a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD3F702-DE9F-4481-8098-02A7B83F9868",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743."
},
{
"lang": "es",
"value": "En wlan, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07310743; ID de incidencia: ALPS07310743"
}
],
"id": "CVE-2022-26475",
"lastModified": "2024-11-21T06:54:01.210",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:11.237",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453."
}
],
"id": "CVE-2023-20679",
"lastModified": "2024-11-21T07:41:20.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.400",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | mt5221_firmware | 7.6.6.0 | |
| mediatek | mt5221 | - | |
| mediatek | mt7603_firmware | 7.6.6.0 | |
| mediatek | mt7603 | - | |
| mediatek | mt7613_firmware | 7.6.6.0 | |
| mediatek | mt7613 | - | |
| mediatek | mt7615_firmware | 7.6.6.0 | |
| mediatek | mt7615 | - | |
| mediatek | mt7622_firmware | 7.6.6.0 | |
| mediatek | mt7622 | - | |
| mediatek | mt7628_firmware | 7.6.6.0 | |
| mediatek | mt7628 | - | |
| mediatek | mt7629_firmware | 7.6.6.0 | |
| mediatek | mt7629 | - | |
| mediatek | mt7663_firmware | 7.6.6.0 | |
| mediatek | mt7663 | - | |
| mediatek | mt7668_firmware | 7.6.6.0 | |
| mediatek | mt7668 | - | |
| mediatek | mt7682_firmware | 7.6.6.0 | |
| mediatek | mt7682 | - | |
| mediatek | mt7686_firmware | 7.6.6.0 | |
| mediatek | mt7686 | - | |
| mediatek | mt7687_firmware | 7.6.6.0 | |
| mediatek | mt7687 | - | |
| mediatek | mt7697_firmware | 7.6.6.0 | |
| mediatek | mt7697 | - | |
| mediatek | mt7902_firmware | 7.6.6.0 | |
| mediatek | mt7902 | - | |
| mediatek | mt7915_firmware | 7.6.6.0 | |
| mediatek | mt7915 | - | |
| mediatek | mt7916_firmware | 7.6.6.0 | |
| mediatek | mt7916 | - | |
| mediatek | mt7921_firmware | 7.6.6.0 | |
| mediatek | mt7921 | - | |
| mediatek | mt7933_firmware | 7.6.6.0 | |
| mediatek | mt7933 | - | |
| mediatek | mt7981_firmware | 7.6.6.0 | |
| mediatek | mt7981 | - | |
| mediatek | mt7986_firmware | 7.6.6.0 | |
| mediatek | mt7986 | - | |
| mediatek | mt8167s_firmware | 7.6.6.0 | |
| mediatek | mt8167s | - | |
| mediatek | mt8175_firmware | 7.6.6.0 | |
| mediatek | mt8175 | - | |
| mediatek | mt8362a_firmware | 7.6.6.0 | |
| mediatek | mt8362a | - | |
| mediatek | mt8365_firmware | 7.6.6.0 | |
| mediatek | mt8365 | - | |
| mediatek | mt8385_firmware | 7.6.6.0 | |
| mediatek | mt8385 | - | |
| mediatek | mt8518s_firmware | 7.6.6.0 | |
| mediatek | mt8518s | - | |
| mediatek | mt8532_firmware | 7.6.6.0 | |
| mediatek | mt8532 | - | |
| mediatek | mt8695_firmware | 7.6.6.0 | |
| mediatek | mt8695 | - | |
| mediatek | mt8696_firmware | 7.6.6.0 | |
| mediatek | mt8696 | - | |
| mediatek | mt8788_firmware | 7.6.6.0 | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt5221_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9621A8-A63C-4831-9887-3C5C62B05FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7603_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7D50BA-4588-406B-9873-EB067B1FADC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7613_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B89C8667-CFE2-4C1D-904A-20E63D6CAD63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7615_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "188DCE87-D893-4109-B946-5A943723021E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7622_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "556F893B-9EB4-4795-B8F0-BCDCDE7F9981",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7628_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1144B15B-0F33-4622-9534-D22741EA6C4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7476AF58-342B-4E2A-BEAD-E379097148D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7629_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "572E4322-E017-4298-B34D-F54CB43E599F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7663_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D94F1C2D-5749-4BD7-916A-416A88AA858F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7668_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9371F16-8A35-4052-BF0A-500F6042FFBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7682_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C293668-B45D-4576-8B25-5B5BCD983891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7682:-:*:*:*:*:*:*:*",
"matchCriteriaId": "413F83A0-2B78-47A4-B80D-4554C01B1F3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7686_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3B5E86-E109-45AA-97BA-8EC81E55A332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A23CFDB4-F6D2-4FE7-B22A-BF83E9851648",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7687_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B75820B-B73F-47AB-A25A-4A624767B740",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7687:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE61B2D-5518-4A7F-AE48-A3E24C488DA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7697_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5414D487-223D-4195-AEA6-429AD30DFCE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7697:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B70678B8-78D6-4651-BE58-44374273F3FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7902_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36F5EC20-B8A8-4A78-95BF-5FA0BB111FD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7915_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "303A9DA7-2C6C-434A-85E7-EE200AF9E2DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7916_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14734451-2D61-4EB5-8BB2-414E2BEDC534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7921_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "605F4D0F-FF81-4CB8-9D25-2FA9410793DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7933_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED333D7-1DF2-48EB-8617-16D604070D9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7933:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727F29FD-E8DA-46F1-9C98-9D194E981E38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7981_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81B46566-AE03-4B6B-8B25-13621A060156",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt7986_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A30F15-0654-4479-8944-6AF67F610AF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8167s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF11C787-56D9-4C7E-BB26-9C3D1BFF5F3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8175_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C557CA7B-C1ED-44C3-9E5F-659D74A6359A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8362a_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEBF46A-91FC-4CA2-AC08-B2C01A505C7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8365_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02EF7EA-38C8-49CA-A78D-692EC93FB5AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8385_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A937256-84A3-48A8-BF28-14C87B09EB6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8518s_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11B4BFA-5424-47ED-B7C9-FBFF62E200ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8532_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60521D31-F322-4740-9F8F-F16D76902BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8695_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79456DE4-1CF2-4B64-9BF1-B2F9D841F864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8696_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9F2265-32D5-4EEA-8FAD-ECECC8231281",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:mt8788_firmware:7.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF834C63-5493-480D-9803-9C2FAA6F41AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011."
}
],
"id": "CVE-2022-32654",
"lastModified": "2024-11-21T07:06:49.327",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:11.057",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 13.0 | ||
| openwrt | openwrt | 19.07.0 | |
| openwrt | openwrt | 21.02.0 | |
| mediatek | mt6835 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only)."
}
],
"id": "CVE-2023-20695",
"lastModified": "2024-11-21T07:41:22.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:10.523",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-04 02:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741."
}
],
"id": "CVE-2023-20689",
"lastModified": "2024-11-21T07:41:21.487",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-04T02:15:09.570",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8192 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8871 | - | |
| mediatek | mt8891 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8192:-:*:*:*:*:*:*:*",
"matchCriteriaId": "422634C7-D280-4664-AEE2-AA5B6723B836",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78D4E9E1-B044-41EC-BE98-22DC0E5E9010",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F80793-01B7-403A-A5F4-031F82FAC77A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C450B83A-913C-4E5B-B025-11071B6824D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144."
}
],
"id": "CVE-2023-20653",
"lastModified": "2024-11-21T07:41:17.877",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.407",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-07 03:15
Modified
2024-10-27 03:35
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/October-2024 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699."
},
{
"lang": "es",
"value": "En vdec, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09028313; ID de problema: MSV-1699."
}
],
"id": "CVE-2024-20093",
"lastModified": "2024-10-27T03:35:01.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-07T03:15:02.757",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:06
Severity ?
Summary
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390."
}
],
"id": "CVE-2022-32599",
"lastModified": "2024-11-21T07:06:42.767",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:08.293",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 19:15
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 13.0 | ||
| mediatek | mt6835 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928."
}
],
"id": "CVE-2023-20750",
"lastModified": "2025-01-07T19:15:29.593",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-06T13:15:15.233",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-03 21:15
Modified
2024-11-21 07:06
Severity ?
Summary
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BF3D9050-DFED-4D7B-BB17-24408D344EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237."
},
{
"lang": "es",
"value": "En GPS, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07573237; ID del problema: ALPS07573237."
}
],
"id": "CVE-2022-32635",
"lastModified": "2024-11-21T07:06:46.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-03T21:15:11.540",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144."
}
],
"id": "CVE-2023-20698",
"lastModified": "2024-11-21T07:41:22.527",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T22:15:10.647",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-01 14:15
Modified
2024-11-21 06:53
Severity ?
Summary
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400."
},
{
"lang": "es",
"value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una confusi\u00f3n de tipo. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS07138400; ID de Incidencia: ALPS07138400"
}
],
"id": "CVE-2022-26433",
"lastModified": "2024-11-21T06:53:56.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T14:15:09.317",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614."
}
],
"id": "CVE-2023-20613",
"lastModified": "2024-11-21T07:41:13.703",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:14.910",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659."
},
{
"lang": "es",
"value": "En keyinstall, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07439659; ID del problema: ALPS07439659."
}
],
"id": "CVE-2022-32619",
"lastModified": "2024-11-21T07:06:44.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:17.940",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077."
},
{
"lang": "es",
"value": "En power service, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06419106; ID de incidencia: ALPS06419077"
}
],
"id": "CVE-2022-21759",
"lastModified": "2024-11-21T06:45:23.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:09.137",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-06 18:15
Modified
2024-11-21 07:41
Severity ?
Summary
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| yoctoproject | yocto | 4.0 | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - | |
| linux | linux_kernel | 4.19 | |
| mediatek | mt5221 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00D1586A-C49F-4655-8AC4-F4096B679869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "513F8951-3099-444A-9755-C3A75720EFD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552."
}
],
"id": "CVE-2023-20674",
"lastModified": "2024-11-21T07:41:19.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-06T18:15:09.227",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/April-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 07:41
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764."
},
{
"lang": "es",
"value": "En keyinstall, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una comprobaci\u00f3n de l\u00edmites omitida. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n del sistema necesarios. No es necesaria la interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS08017756; ID de la incidencia: ALPS08017764."
}
],
"id": "CVE-2023-20833",
"lastModified": "2024-11-21T07:41:38.973",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-09-04T03:15:10.010",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 16:15
Modified
2024-11-21 06:41
Severity ?
Summary
In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6750 | - | |
| mediatek | mt6750s | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8127 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8127:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7BDC63-3963-4C4D-B547-2936006926E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478."
},
{
"lang": "es",
"value": "En el controlador mdp, se presenta una posible corrupci\u00f3n de memoria debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05836478; ID de Incidencia: ALPS05836478"
}
],
"id": "CVE-2022-20012",
"lastModified": "2024-11-21T06:41:56.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T16:15:10.167",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8512a | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8512a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD3F702-DE9F-4481-8098-02A7B83F9868",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600."
},
{
"lang": "es",
"value": "En Wi-Fi driver, se presenta una posible forma de desconectar el Wi-Fi debido a una liberaci\u00f3n inapropiada de recursos. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS07030600; ID de incidencia: ALPS07030600"
}
],
"id": "CVE-2022-32589",
"lastModified": "2024-11-21T07:06:41.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:14.687",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 15:15
Modified
2024-11-21 07:06
Severity ?
Summary
In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| yoctoproject | yocto | 3.1 | |
| yoctoproject | yocto | 3.3 | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637."
},
{
"lang": "es",
"value": "En Wi-Fi, existe una posible violaci\u00f3n de acceso a la memoria debido a un error l\u00f3gico. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07441637; ID del problema: ALPS07441637."
}
],
"id": "CVE-2022-32633",
"lastModified": "2024-11-21T07:06:46.553",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T15:15:18.567",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/December-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta un posible bloqueo del servicio debido a un uso de memoria previamente liberada. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06126820; ID de Incidencia: ALPS06126820"
}
],
"id": "CVE-2022-20045",
"lastModified": "2024-11-21T06:42:01.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.710",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756."
}
],
"id": "CVE-2023-20780",
"lastModified": "2024-11-21T07:41:30.763",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:12.577",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177."
},
{
"lang": "es",
"value": "En Bluetooth, se presenta una posible escalada de privilegios debido a una falta de comprobaci\u00f3n de permisos. Esto podr\u00eda conllevar a una escalada de privilegios local remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06148177; ID de Incidencia: ALPS06148177"
}
],
"id": "CVE-2022-20043",
"lastModified": "2024-11-21T06:42:01.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.630",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:42
Severity ?
Summary
In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6755 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150."
},
{
"lang": "es",
"value": "En power_hal_manager_service, se presenta una posible omisi\u00f3n de permisos debido a un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria. Esto podr\u00eda conllevar a una escalada local de privilegios remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06219150; ID de Incidencia: ALPS06219150"
}
],
"id": "CVE-2022-20040",
"lastModified": "2024-11-21T06:42:00.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:17.513",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:45
Severity ?
Summary
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 10.0 | ||
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532."
},
{
"lang": "es",
"value": "En apusys driver, se presenta un posible bloqueo del sistema debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio local con los privilegios de ejecuci\u00f3n System necesarios. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06479532; ID de Incidencia: ALPS06479532"
}
],
"id": "CVE-2022-21761",
"lastModified": "2024-11-21T06:45:23.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:09.217",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/June-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt2713 | - | |
| mediatek | mt6580 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249."
},
{
"lang": "es",
"value": "En Engineer Mode, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08282249; ID del problema: ALPS08282249."
}
],
"id": "CVE-2023-32883",
"lastModified": "2024-11-21T08:04:15.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-02T03:15:08.260",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/January-2024"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 3.1 | |
| linuxfoundation | yocto | 3.3 | |
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt7663 | - | |
| mediatek | mt7668 | - | |
| mediatek | mt7902 | - | |
| mediatek | mt7921 | - | |
| mediatek | mt8167s | - | |
| mediatek | mt8175 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8362a | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8512a | - | |
| mediatek | mt8518 | - | |
| mediatek | mt8532 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E400AB9-B82A-4449-8789-35112940270F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8512a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD3F702-DE9F-4481-8098-02A7B83F9868",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E73E0-EF8D-4659-B447-66474BC05708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425."
},
{
"lang": "es",
"value": "En wlan, se presenta un posible uso despu\u00e9s de libre debido a una comprobaci\u00f3n de estado incorrecta. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: ALPS07299425; ID de incidencia: ALPS07299425"
}
],
"id": "CVE-2022-32590",
"lastModified": "2024-11-21T07:06:41.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T20:15:14.767",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:41
Severity ?
Summary
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720."
}
],
"id": "CVE-2023-20616",
"lastModified": "2024-11-21T07:41:14.050",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T20:15:15.050",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-07 04:15
Modified
2024-11-21 07:41
Severity ?
Summary
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | mt6580 | - | |
| mediatek | mt6731 | - | |
| mediatek | mt6735 | - | |
| mediatek | mt6737 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6753 | - | |
| mediatek | mt6757 | - | |
| mediatek | mt6757c | - | |
| mediatek | mt6757cd | - | |
| mediatek | mt6757ch | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6762 | - | |
| mediatek | mt6763 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6769 | - | |
| mediatek | mt6771 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt8185 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - | |
| mediatek | mt8789 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989."
}
],
"id": "CVE-2023-20784",
"lastModified": "2024-11-21T07:41:31.277",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-07T04:15:12.860",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-04 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | yocto | 4.0 | |
| mediatek | iot_yocto | 23.0 | |
| android | 13.0 | ||
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt8167 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8321 | - | |
| mediatek | mt8365 | - | |
| mediatek | mt8385 | - | |
| mediatek | mt8666 | - | |
| mediatek | mt8667 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8781 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360."
},
{
"lang": "es",
"value": "En el servicio wlan, existe una posible lectura fuera de l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n del sistema necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS07588360; ID del problema: ALPS07588360."
}
],
"id": "CVE-2023-32807",
"lastModified": "2024-11-21T08:04:04.110",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-04T03:15:12.657",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}