All the vulnerabilites related to mediatek - mt9025
cve-2023-20734
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-08 14:54
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184.
References
https://corp.mediatek.com/product-security-bulletin/June-2023
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:14:40.846Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-20734",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-08T14:54:38.828219Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-08T14:54:47.136Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8365, MT8395, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-06T12:11:19.196Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-20734",
    "datePublished": "2023-06-06T12:11:19.196Z",
    "dateReserved": "2022-10-28T02:03:10.767Z",
    "dateUpdated": "2025-01-08T14:54:47.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20738
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 21:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.
References
https://corp.mediatek.com/product-security-bulletin/June-2023
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:14:40.967Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-20738",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-07T21:15:02.286724Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-07T21:15:07.999Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-06T12:11:27.204Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-20738",
    "datePublished": "2023-06-06T12:11:27.204Z",
    "dateReserved": "2022-10-28T02:03:10.767Z",
    "dateUpdated": "2025-01-07T21:15:07.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20001
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.
References
https://corp.mediatek.com/product-security-bulletin/February-2024
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:31.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 11.0, 12.0, 13.0, 14.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T05:59:41.091Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20001",
    "datePublished": "2024-02-05T05:59:41.091Z",
    "dateReserved": "2023-11-02T13:35:35.146Z",
    "dateUpdated": "2024-08-01T21:52:31.394Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20673
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
Summary
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
References
https://corp.mediatek.com/product-security-bulletin/May-2023
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:14:40.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8195, MT8395, MT8781, MT8786, MT8789, MT8791, MT8797, MT9000, MT9023, MT9025, MT9618, MT9653, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 11.0, 12.0, 13.0 / Iot-Yocto 22.2 (Yocto 4.0)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-15T00:00:00",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-20673",
    "datePublished": "2023-05-15T00:00:00",
    "dateReserved": "2022-10-28T00:00:00",
    "dateUpdated": "2024-08-02T09:14:40.019Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20735
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-08 14:30
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178.
References
https://corp.mediatek.com/product-security-bulletin/June-2023
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:14:41.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-20735",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-08T14:30:12.208213Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-08T14:30:18.073Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-06T12:11:21.208Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-20735",
    "datePublished": "2023-06-06T12:11:21.208Z",
    "dateReserved": "2022-10-28T02:03:10.767Z",
    "dateUpdated": "2025-01-08T14:30:18.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20747
Vulnerability from cvelistv5
Published
2023-06-06 12:11
Modified
2025-01-07 19:14
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.
References
https://corp.mediatek.com/product-security-bulletin/June-2023
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:14:40.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-20747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-07T19:14:39.796298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-843",
                "description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-07T19:14:44.403Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8195, MT8365, MT8781, MT8786, MT8789, MT8791, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-06T12:11:45.197Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-20747",
    "datePublished": "2023-06-06T12:11:45.197Z",
    "dateReserved": "2022-10-28T02:03:10.770Z",
    "dateUpdated": "2025-01-07T19:14:44.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20002
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
References
https://corp.mediatek.com/product-security-bulletin/February-2024
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:31.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 11.0, 12.0, 13.0, 14.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T05:59:42.613Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20002",
    "datePublished": "2024-02-05T05:59:42.613Z",
    "dateReserved": "2023-11-02T13:35:35.146Z",
    "dateUpdated": "2024-08-01T21:52:31.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2024-11-21 07:41
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/May-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/May-2023Vendor Advisory
Impacted products
Vendor Product Version
mediatek iot_yocto 22.2
google android 11.0
google android 12.0
google android 13.0
mediatek mt5696 -
mediatek mt5836 -
mediatek mt5838 -
mediatek mt6768 -
mediatek mt6769 -
mediatek mt6779 -
mediatek mt6781 -
mediatek mt6785 -
mediatek mt6789 -
mediatek mt6833 -
mediatek mt6853 -
mediatek mt6853t -
mediatek mt6855 -
mediatek mt6873 -
mediatek mt6875 -
mediatek mt6877 -
mediatek mt6883 -
mediatek mt6885 -
mediatek mt6889 -
mediatek mt6891 -
mediatek mt6893 -
mediatek mt8185 -
mediatek mt8195 -
mediatek mt8395 -
mediatek mt8781 -
mediatek mt8786 -
mediatek mt8789 -
mediatek mt8791 -
mediatek mt8797 -
mediatek mt9000 -
mediatek mt9023 -
mediatek mt9025 -
mediatek mt9618 -
mediatek mt9653 -
mediatek mt9687 -
mediatek mt9689 -
mediatek mt9902 -
mediatek mt9932 -
mediatek mt9952 -
mediatek mt9972 -
mediatek mt9982 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mediatek:iot_yocto:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE75BC-C0ED-445D-9ECD-BEA9D8881CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "222E4ECD-459A-4422-947F-FF26E026BC56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72667B1-71C3-4DB5-A5E4-BC8212B1B00B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0200228-E2A8-4DBE-A4DA-7AC7D4B9DE99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "591A2A8B-DB5D-42BC-99A6-0D0DAB45C645",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC2011E-7629-477E-A898-9748119F7A23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C58EE-7A5A-42BE-9C64-1A0F3657AA05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40D8E-E934-47B1-A3A9-102F39C2FF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0407203F-F9DE-4899-B0E6-226A7E9952CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C76B993-B660-41EB-A66A-96011A044BF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F0452-97F5-4BC6-AC85-42A24721F7CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103."
    }
  ],
  "id": "CVE-2023-20673",
  "lastModified": "2024-11-21T07:41:19.717",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-05-15T22:15:10.427",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-843"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/February-2024Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/February-2024Vendor Advisory
Impacted products
Vendor Product Version
google android 11.0
google android 12.0
google android 13.0
google android 14.0
mediatek mt5583 -
mediatek mt5586 -
mediatek mt5691 -
mediatek mt5695 -
mediatek mt5696 -
mediatek mt9010 -
mediatek mt9011 -
mediatek mt9012 -
mediatek mt9015 -
mediatek mt9016 -
mediatek mt9020 -
mediatek mt9021 -
mediatek mt9022 -
mediatek mt9025 -
mediatek mt9026 -
mediatek mt9216 -
mediatek mt9218 -
mediatek mt9220 -
mediatek mt9221 -
mediatek mt9222 -
mediatek mt9255 -
mediatek mt9256 -
mediatek mt9266 -
mediatek mt9269 -
mediatek mt9286 -
mediatek mt9288 -
mediatek mt9602 -
mediatek mt9603 -
mediatek mt9610 -
mediatek mt9611 -
mediatek mt9612 -
mediatek mt9613 -
mediatek mt9615 -
mediatek mt9617 -
mediatek mt9618 -
mediatek mt9629 -
mediatek mt9630 -
mediatek mt9631 -
mediatek mt9632 -
mediatek mt9633 -
mediatek mt9636 -
mediatek mt9638 -
mediatek mt9639 -
mediatek mt9649 -
mediatek mt9650 -
mediatek mt9652 -
mediatek mt9653 -
mediatek mt9660 -
mediatek mt9666 -
mediatek mt9667 -
mediatek mt9669 -
mediatek mt9671 -
mediatek mt9675 -
mediatek mt9679 -
mediatek mt9685 -
mediatek mt9686 -
mediatek mt9688 -
mediatek mt9689 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C394724-3294-4953-85C8-EE3894B5092C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5586:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E684A498-10F3-4BD8-9935-9ED5933F9157",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BD96BE-10BC-4C7E-8A48-C7CB08A61765",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A56009-090B-4101-B000-224412058654",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFB4E04-7BC0-4B48-ABD7-6971E4725895",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAAF66C-9C81-498B-A0C0-3295CB7324A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ED16A-35A5-4F54-A01F-6EADE58E5530",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9026:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49437377-6D2F-40FD-8CCF-29179C19D296",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B45803F-1AD2-47C8-BB9B-276628A0D605",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9218:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B028E80F-396F-4898-841D-9E99DE54FAC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB0DB25-6CFF-4688-B423-6CC0252C3B59",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B250A0A-BE50-45B6-AD72-8EA876F64DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C5A33A-7B04-4E14-A268-A717CD2420DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C42802-293E-448B-A059-DFDEF1D97EC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F19E7E64-721E-436B-B879-D1EDE5EFF84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49ED757E-42DD-4176-B216-915EFD8E2F40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9603:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26696662-6232-458A-A1E1-067CBDB62FA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA3286D-A136-4EB2-A181-6EF8A556EFDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9F24C9-2A69-44D9-A16B-E4187230F984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E92602E3-1B1B-4683-801D-D151919C63EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF44498-001B-4A51-AB32-EBC206B14741",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2E6E130-9F65-482B-AF8B-97DA81FCE19E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE404F4-FFAE-4646-9234-15230F0577F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CF26725-1701-40F4-83E9-1A4709B60763",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB80E351-B6E5-4571-A603-04A3A6AFB8CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7AC916-FF8D-430D-837C-0587056198AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F5F738-459C-4316-80AF-1B9C33E0F36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715."
    },
    {
      "lang": "es",
      "value": "En TVAPI, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: DTV03961715; ID del problema: DTV03961715."
    }
  ],
  "id": "CVE-2024-20002",
  "lastModified": "2024-11-21T08:51:46.143",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-05T06:15:47.083",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-08 15:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
Impacted products
Vendor Product Version
linuxfoundation iot-yocto 22.2
linuxfoundation yocto 4.0
google android 12.0
google android 13.0
mediatek mt5696 -
mediatek mt5836 -
mediatek mt5838 -
mediatek mt6768 -
mediatek mt6769 -
mediatek mt6779 -
mediatek mt6781 -
mediatek mt6785 -
mediatek mt6789 -
mediatek mt6833 -
mediatek mt6853 -
mediatek mt6853t -
mediatek mt6873 -
mediatek mt6875 -
mediatek mt6877 -
mediatek mt6883 -
mediatek mt6885 -
mediatek mt6889 -
mediatek mt6891 -
mediatek mt6893 -
mediatek mt8168 -
mediatek mt8365 -
mediatek mt8395 -
mediatek mt9000 -
mediatek mt9015 -
mediatek mt9023 -
mediatek mt9025 -
mediatek mt9618 -
mediatek mt9649 -
mediatek mt9653 -
mediatek mt9679 -
mediatek mt9687 -
mediatek mt9689 -
mediatek mt9902 -
mediatek mt9932 -
mediatek mt9952 -
mediatek mt9972 -
mediatek mt9982 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "222E4ECD-459A-4422-947F-FF26E026BC56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72667B1-71C3-4DB5-A5E4-BC8212B1B00B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0200228-E2A8-4DBE-A4DA-7AC7D4B9DE99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "591A2A8B-DB5D-42BC-99A6-0D0DAB45C645",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC2011E-7629-477E-A898-9748119F7A23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C58EE-7A5A-42BE-9C64-1A0F3657AA05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40D8E-E934-47B1-A3A9-102F39C2FF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0407203F-F9DE-4899-B0E6-226A7E9952CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C76B993-B660-41EB-A66A-96011A044BF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F0452-97F5-4BC6-AC85-42A24721F7CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184."
    }
  ],
  "id": "CVE-2023-20734",
  "lastModified": "2025-01-08T15:15:11.760",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-06-06T13:15:12.800",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 20:15
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
Impacted products
Vendor Product Version
linuxfoundation iot-yocto 22.2
linuxfoundation yocto 4.0
google android 12.0
google android 13.0
mediatek mt5696 -
mediatek mt5836 -
mediatek mt5838 -
mediatek mt6768 -
mediatek mt6769 -
mediatek mt6779 -
mediatek mt6781 -
mediatek mt6785 -
mediatek mt6789 -
mediatek mt6833 -
mediatek mt6835 -
mediatek mt6853 -
mediatek mt6853t -
mediatek mt6855 -
mediatek mt6873 -
mediatek mt6875 -
mediatek mt6877 -
mediatek mt6883 -
mediatek mt6885 -
mediatek mt6889 -
mediatek mt6891 -
mediatek mt6893 -
mediatek mt8185 -
mediatek mt8195 -
mediatek mt8365 -
mediatek mt8781 -
mediatek mt8786 -
mediatek mt8789 -
mediatek mt8791 -
mediatek mt8797 -
mediatek mt9000 -
mediatek mt9015 -
mediatek mt9023 -
mediatek mt9025 -
mediatek mt9618 -
mediatek mt9649 -
mediatek mt9653 -
mediatek mt9679 -
mediatek mt9687 -
mediatek mt9689 -
mediatek mt9902 -
mediatek mt9932 -
mediatek mt9952 -
mediatek mt9972 -
mediatek mt9982 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "222E4ECD-459A-4422-947F-FF26E026BC56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72667B1-71C3-4DB5-A5E4-BC8212B1B00B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0200228-E2A8-4DBE-A4DA-7AC7D4B9DE99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "591A2A8B-DB5D-42BC-99A6-0D0DAB45C645",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC2011E-7629-477E-A898-9748119F7A23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C58EE-7A5A-42BE-9C64-1A0F3657AA05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40D8E-E934-47B1-A3A9-102F39C2FF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0407203F-F9DE-4899-B0E6-226A7E9952CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C76B993-B660-41EB-A66A-96011A044BF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F0452-97F5-4BC6-AC85-42A24721F7CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121."
    }
  ],
  "id": "CVE-2023-20747",
  "lastModified": "2025-01-07T20:15:28.907",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-06-06T13:15:14.887",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-843"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-843"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-07 22:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
Impacted products
Vendor Product Version
linuxfoundation iot-yocto 22.2
linuxfoundation yocto 4.0
google android 12.0
google android 13.0
mediatek mt5696 -
mediatek mt5836 -
mediatek mt5838 -
mediatek mt6768 -
mediatek mt6769 -
mediatek mt6779 -
mediatek mt6781 -
mediatek mt6785 -
mediatek mt6789 -
mediatek mt6833 -
mediatek mt6853 -
mediatek mt6853t -
mediatek mt6873 -
mediatek mt6875 -
mediatek mt6877 -
mediatek mt6883 -
mediatek mt6885 -
mediatek mt6889 -
mediatek mt6891 -
mediatek mt6893 -
mediatek mt8168 -
mediatek mt8175 -
mediatek mt8195 -
mediatek mt8365 -
mediatek mt8395 -
mediatek mt8673 -
mediatek mt8781 -
mediatek mt8786 -
mediatek mt8789 -
mediatek mt8791t -
mediatek mt8797 -
mediatek mt9000 -
mediatek mt9015 -
mediatek mt9023 -
mediatek mt9025 -
mediatek mt9618 -
mediatek mt9649 -
mediatek mt9653 -
mediatek mt9679 -
mediatek mt9687 -
mediatek mt9689 -
mediatek mt9902 -
mediatek mt9932 -
mediatek mt9952 -
mediatek mt9972 -
mediatek mt9982 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "222E4ECD-459A-4422-947F-FF26E026BC56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72667B1-71C3-4DB5-A5E4-BC8212B1B00B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0200228-E2A8-4DBE-A4DA-7AC7D4B9DE99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "591A2A8B-DB5D-42BC-99A6-0D0DAB45C645",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC2011E-7629-477E-A898-9748119F7A23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C58EE-7A5A-42BE-9C64-1A0F3657AA05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40D8E-E934-47B1-A3A9-102F39C2FF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0407203F-F9DE-4899-B0E6-226A7E9952CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C76B993-B660-41EB-A66A-96011A044BF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F0452-97F5-4BC6-AC85-42A24721F7CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173."
    }
  ],
  "id": "CVE-2023-20738",
  "lastModified": "2025-01-07T22:15:28.617",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-06-06T13:15:13.430",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/February-2024Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/February-2024Vendor Advisory
Impacted products
Vendor Product Version
google android 11.0
google android 12.0
google android 13.0
google android 14.0
mediatek mt5583 -
mediatek mt5586 -
mediatek mt5691 -
mediatek mt5695 -
mediatek mt5696 -
mediatek mt9010 -
mediatek mt9011 -
mediatek mt9012 -
mediatek mt9015 -
mediatek mt9016 -
mediatek mt9020 -
mediatek mt9021 -
mediatek mt9022 -
mediatek mt9025 -
mediatek mt9026 -
mediatek mt9216 -
mediatek mt9218 -
mediatek mt9220 -
mediatek mt9221 -
mediatek mt9222 -
mediatek mt9255 -
mediatek mt9256 -
mediatek mt9266 -
mediatek mt9269 -
mediatek mt9286 -
mediatek mt9288 -
mediatek mt9602 -
mediatek mt9603 -
mediatek mt9610 -
mediatek mt9611 -
mediatek mt9612 -
mediatek mt9613 -
mediatek mt9615 -
mediatek mt9617 -
mediatek mt9618 -
mediatek mt9629 -
mediatek mt9630 -
mediatek mt9631 -
mediatek mt9632 -
mediatek mt9633 -
mediatek mt9636 -
mediatek mt9638 -
mediatek mt9639 -
mediatek mt9649 -
mediatek mt9650 -
mediatek mt9652 -
mediatek mt9653 -
mediatek mt9660 -
mediatek mt9666 -
mediatek mt9667 -
mediatek mt9669 -
mediatek mt9671 -
mediatek mt9675 -
mediatek mt9679 -
mediatek mt9685 -
mediatek mt9686 -
mediatek mt9688 -
mediatek mt9689 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C394724-3294-4953-85C8-EE3894B5092C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5586:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E684A498-10F3-4BD8-9935-9ED5933F9157",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BD96BE-10BC-4C7E-8A48-C7CB08A61765",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A56009-090B-4101-B000-224412058654",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFB4E04-7BC0-4B48-ABD7-6971E4725895",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAAF66C-9C81-498B-A0C0-3295CB7324A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ED16A-35A5-4F54-A01F-6EADE58E5530",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9026:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49437377-6D2F-40FD-8CCF-29179C19D296",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B45803F-1AD2-47C8-BB9B-276628A0D605",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9218:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B028E80F-396F-4898-841D-9E99DE54FAC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB0DB25-6CFF-4688-B423-6CC0252C3B59",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B250A0A-BE50-45B6-AD72-8EA876F64DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C5A33A-7B04-4E14-A268-A717CD2420DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C42802-293E-448B-A059-DFDEF1D97EC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F19E7E64-721E-436B-B879-D1EDE5EFF84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49ED757E-42DD-4176-B216-915EFD8E2F40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9603:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26696662-6232-458A-A1E1-067CBDB62FA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA3286D-A136-4EB2-A181-6EF8A556EFDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9F24C9-2A69-44D9-A16B-E4187230F984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E92602E3-1B1B-4683-801D-D151919C63EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF44498-001B-4A51-AB32-EBC206B14741",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2E6E130-9F65-482B-AF8B-97DA81FCE19E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE404F4-FFAE-4646-9234-15230F0577F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CF26725-1701-40F4-83E9-1A4709B60763",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB80E351-B6E5-4571-A603-04A3A6AFB8CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7AC916-FF8D-430D-837C-0587056198AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F5F738-459C-4316-80AF-1B9C33E0F36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601."
    },
    {
      "lang": "es",
      "value": "En TVAPI, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: DTV03961601; ID del problema: DTV03961601."
    }
  ],
  "id": "CVE-2024-20001",
  "lastModified": "2024-11-21T08:51:45.983",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-05T06:15:47.027",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-06-06 13:15
Modified
2025-01-08 15:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/June-2023Vendor Advisory
Impacted products
Vendor Product Version
linuxfoundation iot-yocto 22.2
linuxfoundation yocto 4.0
google android 12.0
google android 13.0
mediatek mt5696 -
mediatek mt5836 -
mediatek mt5838 -
mediatek mt6768 -
mediatek mt6769 -
mediatek mt6779 -
mediatek mt6781 -
mediatek mt6785 -
mediatek mt6789 -
mediatek mt6833 -
mediatek mt6853 -
mediatek mt6853t -
mediatek mt6873 -
mediatek mt6875 -
mediatek mt6877 -
mediatek mt6883 -
mediatek mt6885 -
mediatek mt6889 -
mediatek mt6891 -
mediatek mt6893 -
mediatek mt8168 -
mediatek mt8175 -
mediatek mt8195 -
mediatek mt8365 -
mediatek mt8395 -
mediatek mt8673 -
mediatek mt8781 -
mediatek mt8786 -
mediatek mt8789 -
mediatek mt8791t -
mediatek mt8797 -
mediatek mt9000 -
mediatek mt9015 -
mediatek mt9023 -
mediatek mt9025 -
mediatek mt9618 -
mediatek mt9649 -
mediatek mt9653 -
mediatek mt9679 -
mediatek mt9687 -
mediatek mt9689 -
mediatek mt9902 -
mediatek mt9932 -
mediatek mt9952 -
mediatek mt9972 -
mediatek mt9982 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B20DD930-83A1-4715-AD51-458ECA2578D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "222E4ECD-459A-4422-947F-FF26E026BC56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72667B1-71C3-4DB5-A5E4-BC8212B1B00B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0200228-E2A8-4DBE-A4DA-7AC7D4B9DE99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "591A2A8B-DB5D-42BC-99A6-0D0DAB45C645",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC2011E-7629-477E-A898-9748119F7A23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C58EE-7A5A-42BE-9C64-1A0F3657AA05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40D8E-E934-47B1-A3A9-102F39C2FF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0407203F-F9DE-4899-B0E6-226A7E9952CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C76B993-B660-41EB-A66A-96011A044BF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F0452-97F5-4BC6-AC85-42A24721F7CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178."
    }
  ],
  "id": "CVE-2023-20735",
  "lastModified": "2025-01-08T15:15:11.980",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-06-06T13:15:12.910",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/June-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}