Vulnerabilites related to mediatek - mt9603
cve-2024-20001
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.394Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 11.0, 12.0, 13.0, 14.0", }, ], }, ], descriptions: [ { lang: "en", value: "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-05T05:59:41.091Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20001", datePublished: "2024-02-05T05:59:41.091Z", dateReserved: "2023-11-02T13:35:35.146Z", dateUpdated: "2024-08-01T21:52:31.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20002
Vulnerability from cvelistv5
Published
2024-02-05 05:59
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689 |
Version: Android 11.0, 12.0, 13.0, 14.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.242Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 11.0, 12.0, 13.0, 14.0", }, ], }, ], descriptions: [ { lang: "en", value: "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-05T05:59:42.613Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20002", datePublished: "2024-02-05T05:59:42.613Z", dateReserved: "2023-11-02T13:35:35.146Z", dateUpdated: "2024-08-01T21:52:31.242Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
android | 11.0 | ||
android | 12.0 | ||
android | 13.0 | ||
android | 14.0 | ||
mediatek | mt5583 | - | |
mediatek | mt5586 | - | |
mediatek | mt5691 | - | |
mediatek | mt5695 | - | |
mediatek | mt5696 | - | |
mediatek | mt9010 | - | |
mediatek | mt9011 | - | |
mediatek | mt9012 | - | |
mediatek | mt9015 | - | |
mediatek | mt9016 | - | |
mediatek | mt9020 | - | |
mediatek | mt9021 | - | |
mediatek | mt9022 | - | |
mediatek | mt9025 | - | |
mediatek | mt9026 | - | |
mediatek | mt9216 | - | |
mediatek | mt9218 | - | |
mediatek | mt9220 | - | |
mediatek | mt9221 | - | |
mediatek | mt9222 | - | |
mediatek | mt9255 | - | |
mediatek | mt9256 | - | |
mediatek | mt9266 | - | |
mediatek | mt9269 | - | |
mediatek | mt9286 | - | |
mediatek | mt9288 | - | |
mediatek | mt9602 | - | |
mediatek | mt9603 | - | |
mediatek | mt9610 | - | |
mediatek | mt9611 | - | |
mediatek | mt9612 | - | |
mediatek | mt9613 | - | |
mediatek | mt9615 | - | |
mediatek | mt9617 | - | |
mediatek | mt9618 | - | |
mediatek | mt9629 | - | |
mediatek | mt9630 | - | |
mediatek | mt9631 | - | |
mediatek | mt9632 | - | |
mediatek | mt9633 | - | |
mediatek | mt9636 | - | |
mediatek | mt9638 | - | |
mediatek | mt9639 | - | |
mediatek | mt9649 | - | |
mediatek | mt9650 | - | |
mediatek | mt9652 | - | |
mediatek | mt9653 | - | |
mediatek | mt9660 | - | |
mediatek | mt9666 | - | |
mediatek | mt9667 | - | |
mediatek | mt9669 | - | |
mediatek | mt9671 | - | |
mediatek | mt9675 | - | |
mediatek | mt9679 | - | |
mediatek | mt9685 | - | |
mediatek | mt9686 | - | |
mediatek | mt9688 | - | |
mediatek | mt9689 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", matchCriteriaId: "879FFD0C-9B38-4CAA-B057-1086D794D469", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", matchCriteriaId: "2700BCC5-634D-4EC6-AB67-5B678D5F951D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*", matchCriteriaId: "6C394724-3294-4953-85C8-EE3894B5092C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5586:-:*:*:*:*:*:*:*", matchCriteriaId: "E684A498-10F3-4BD8-9935-9ED5933F9157", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*", matchCriteriaId: "96BD96BE-10BC-4C7E-8A48-C7CB08A61765", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*", matchCriteriaId: "75A56009-090B-4101-B000-224412058654", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*", matchCriteriaId: "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*", matchCriteriaId: "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*", matchCriteriaId: "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFB4E04-7BC0-4B48-ABD7-6971E4725895", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*", matchCriteriaId: "354492FD-4052-41F8-805E-55F387AF8F17", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*", matchCriteriaId: "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAAF66C-9C81-498B-A0C0-3295CB7324A9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*", matchCriteriaId: "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*", matchCriteriaId: "350ED16A-35A5-4F54-A01F-6EADE58E5530", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*", matchCriteriaId: "A6133E43-E032-4334-88C7-116B27B3090D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9026:-:*:*:*:*:*:*:*", matchCriteriaId: "49437377-6D2F-40FD-8CCF-29179C19D296", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*", matchCriteriaId: "4B45803F-1AD2-47C8-BB9B-276628A0D605", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9218:-:*:*:*:*:*:*:*", matchCriteriaId: "B028E80F-396F-4898-841D-9E99DE54FAC2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*", matchCriteriaId: "6FB0DB25-6CFF-4688-B423-6CC0252C3B59", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*", matchCriteriaId: "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*", matchCriteriaId: "5B250A0A-BE50-45B6-AD72-8EA876F64DD4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*", matchCriteriaId: "D9C5A33A-7B04-4E14-A268-A717CD2420DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*", matchCriteriaId: "FAC84405-17EE-4C25-8477-317F2A6A095F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*", matchCriteriaId: "85C42802-293E-448B-A059-DFDEF1D97EC2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*", matchCriteriaId: "F19E7E64-721E-436B-B879-D1EDE5EFF84C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*", matchCriteriaId: "4CEEB709-8C7B-48AF-B359-9CE9C68790D5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*", matchCriteriaId: "6081A92B-4361-462A-9F7F-570AC7256CDB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*", matchCriteriaId: "49ED757E-42DD-4176-B216-915EFD8E2F40", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9603:-:*:*:*:*:*:*:*", matchCriteriaId: "26696662-6232-458A-A1E1-067CBDB62FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*", matchCriteriaId: "6BA3286D-A136-4EB2-A181-6EF8A556EFDF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*", matchCriteriaId: "8A9F24C9-2A69-44D9-A16B-E4187230F984", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*", matchCriteriaId: "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*", matchCriteriaId: "E92602E3-1B1B-4683-801D-D151919C63EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*", matchCriteriaId: "0AF44498-001B-4A51-AB32-EBC206B14741", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E6E130-9F65-482B-AF8B-97DA81FCE19E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*", matchCriteriaId: "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*", matchCriteriaId: "47E5EE7B-1208-4007-AF87-6DC309FFE312", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE404F4-FFAE-4646-9234-15230F0577F1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*", matchCriteriaId: "CA834B63-F689-48BA-84E6-500351990BFD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*", matchCriteriaId: "EF1B3B37-22C4-42F4-8264-07512619D706", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*", matchCriteriaId: "5CF26725-1701-40F4-83E9-1A4709B60763", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*", matchCriteriaId: "11B89606-5FD7-4513-984A-16217D37BF4B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*", matchCriteriaId: "76F4FC23-534B-449A-8344-1F13AE9C8C57", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*", matchCriteriaId: "392C9A58-EAB1-44B5-B189-98C68CC23199", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*", matchCriteriaId: "C1C6E88C-46DD-45AB-88C1-B69FC0E25056", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*", matchCriteriaId: "2D0EF507-52A0-45D1-AC26-97F765E691FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*", matchCriteriaId: "C826242C-440E-4D85-841E-570E9C69777C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*", matchCriteriaId: "63BC3AE7-4180-4B8C-AB69-8AC4F502700D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*", matchCriteriaId: "DB80E351-B6E5-4571-A603-04A3A6AFB8CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*", matchCriteriaId: "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*", matchCriteriaId: "CD7AC916-FF8D-430D-837C-0587056198AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*", matchCriteriaId: "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*", matchCriteriaId: "94F5F738-459C-4316-80AF-1B9C33E0F36B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*", matchCriteriaId: "046B7E06-8C40-4D37-8D10-4816E51CA143", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*", matchCriteriaId: "717AE700-78CC-4750-92CB-C9293571EC7D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*", matchCriteriaId: "CFD9AD54-9F0F-414B-8936-3A981657D6AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*", matchCriteriaId: "4B429106-36BE-42F2-8D05-FB9EF00BDFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*", matchCriteriaId: "F7D78E76-6A3B-4736-B7E7-C9032CDA845B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*", matchCriteriaId: "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.", }, { lang: "es", value: "En TVAPI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: DTV03961601; ID del problema: DTV03961601.", }, ], id: "CVE-2024-20001", lastModified: "2024-11-21T08:51:45.983", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-05T06:15:47.027", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:51
Severity ?
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
android | 11.0 | ||
android | 12.0 | ||
android | 13.0 | ||
android | 14.0 | ||
mediatek | mt5583 | - | |
mediatek | mt5586 | - | |
mediatek | mt5691 | - | |
mediatek | mt5695 | - | |
mediatek | mt5696 | - | |
mediatek | mt9010 | - | |
mediatek | mt9011 | - | |
mediatek | mt9012 | - | |
mediatek | mt9015 | - | |
mediatek | mt9016 | - | |
mediatek | mt9020 | - | |
mediatek | mt9021 | - | |
mediatek | mt9022 | - | |
mediatek | mt9025 | - | |
mediatek | mt9026 | - | |
mediatek | mt9216 | - | |
mediatek | mt9218 | - | |
mediatek | mt9220 | - | |
mediatek | mt9221 | - | |
mediatek | mt9222 | - | |
mediatek | mt9255 | - | |
mediatek | mt9256 | - | |
mediatek | mt9266 | - | |
mediatek | mt9269 | - | |
mediatek | mt9286 | - | |
mediatek | mt9288 | - | |
mediatek | mt9602 | - | |
mediatek | mt9603 | - | |
mediatek | mt9610 | - | |
mediatek | mt9611 | - | |
mediatek | mt9612 | - | |
mediatek | mt9613 | - | |
mediatek | mt9615 | - | |
mediatek | mt9617 | - | |
mediatek | mt9618 | - | |
mediatek | mt9629 | - | |
mediatek | mt9630 | - | |
mediatek | mt9631 | - | |
mediatek | mt9632 | - | |
mediatek | mt9633 | - | |
mediatek | mt9636 | - | |
mediatek | mt9638 | - | |
mediatek | mt9639 | - | |
mediatek | mt9649 | - | |
mediatek | mt9650 | - | |
mediatek | mt9652 | - | |
mediatek | mt9653 | - | |
mediatek | mt9660 | - | |
mediatek | mt9666 | - | |
mediatek | mt9667 | - | |
mediatek | mt9669 | - | |
mediatek | mt9671 | - | |
mediatek | mt9675 | - | |
mediatek | mt9679 | - | |
mediatek | mt9685 | - | |
mediatek | mt9686 | - | |
mediatek | mt9688 | - | |
mediatek | mt9689 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", matchCriteriaId: "879FFD0C-9B38-4CAA-B057-1086D794D469", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", matchCriteriaId: "2700BCC5-634D-4EC6-AB67-5B678D5F951D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*", matchCriteriaId: "6C394724-3294-4953-85C8-EE3894B5092C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5586:-:*:*:*:*:*:*:*", matchCriteriaId: "E684A498-10F3-4BD8-9935-9ED5933F9157", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*", matchCriteriaId: "96BD96BE-10BC-4C7E-8A48-C7CB08A61765", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*", matchCriteriaId: "75A56009-090B-4101-B000-224412058654", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*", matchCriteriaId: "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*", matchCriteriaId: "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*", matchCriteriaId: "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFB4E04-7BC0-4B48-ABD7-6971E4725895", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*", matchCriteriaId: "354492FD-4052-41F8-805E-55F387AF8F17", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*", matchCriteriaId: "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAAF66C-9C81-498B-A0C0-3295CB7324A9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*", matchCriteriaId: "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*", matchCriteriaId: "350ED16A-35A5-4F54-A01F-6EADE58E5530", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*", matchCriteriaId: "A6133E43-E032-4334-88C7-116B27B3090D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9026:-:*:*:*:*:*:*:*", matchCriteriaId: "49437377-6D2F-40FD-8CCF-29179C19D296", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*", matchCriteriaId: "4B45803F-1AD2-47C8-BB9B-276628A0D605", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9218:-:*:*:*:*:*:*:*", matchCriteriaId: "B028E80F-396F-4898-841D-9E99DE54FAC2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*", matchCriteriaId: "6FB0DB25-6CFF-4688-B423-6CC0252C3B59", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*", matchCriteriaId: "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*", matchCriteriaId: "5B250A0A-BE50-45B6-AD72-8EA876F64DD4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*", matchCriteriaId: "D9C5A33A-7B04-4E14-A268-A717CD2420DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*", matchCriteriaId: "FAC84405-17EE-4C25-8477-317F2A6A095F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*", matchCriteriaId: "85C42802-293E-448B-A059-DFDEF1D97EC2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*", matchCriteriaId: "F19E7E64-721E-436B-B879-D1EDE5EFF84C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*", matchCriteriaId: "4CEEB709-8C7B-48AF-B359-9CE9C68790D5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*", matchCriteriaId: "6081A92B-4361-462A-9F7F-570AC7256CDB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*", matchCriteriaId: "49ED757E-42DD-4176-B216-915EFD8E2F40", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9603:-:*:*:*:*:*:*:*", matchCriteriaId: "26696662-6232-458A-A1E1-067CBDB62FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*", matchCriteriaId: "6BA3286D-A136-4EB2-A181-6EF8A556EFDF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*", matchCriteriaId: "8A9F24C9-2A69-44D9-A16B-E4187230F984", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*", matchCriteriaId: "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*", matchCriteriaId: "E92602E3-1B1B-4683-801D-D151919C63EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*", matchCriteriaId: "0AF44498-001B-4A51-AB32-EBC206B14741", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E6E130-9F65-482B-AF8B-97DA81FCE19E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*", matchCriteriaId: "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*", matchCriteriaId: "47E5EE7B-1208-4007-AF87-6DC309FFE312", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE404F4-FFAE-4646-9234-15230F0577F1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*", matchCriteriaId: "CA834B63-F689-48BA-84E6-500351990BFD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*", matchCriteriaId: "EF1B3B37-22C4-42F4-8264-07512619D706", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*", matchCriteriaId: "5CF26725-1701-40F4-83E9-1A4709B60763", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*", matchCriteriaId: "11B89606-5FD7-4513-984A-16217D37BF4B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*", matchCriteriaId: "76F4FC23-534B-449A-8344-1F13AE9C8C57", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*", matchCriteriaId: "392C9A58-EAB1-44B5-B189-98C68CC23199", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*", matchCriteriaId: "C1C6E88C-46DD-45AB-88C1-B69FC0E25056", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*", matchCriteriaId: "2D0EF507-52A0-45D1-AC26-97F765E691FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*", matchCriteriaId: "C826242C-440E-4D85-841E-570E9C69777C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*", matchCriteriaId: "63BC3AE7-4180-4B8C-AB69-8AC4F502700D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*", matchCriteriaId: "DB80E351-B6E5-4571-A603-04A3A6AFB8CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*", matchCriteriaId: "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*", matchCriteriaId: "CD7AC916-FF8D-430D-837C-0587056198AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*", matchCriteriaId: "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*", matchCriteriaId: "94F5F738-459C-4316-80AF-1B9C33E0F36B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*", matchCriteriaId: "046B7E06-8C40-4D37-8D10-4816E51CA143", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*", matchCriteriaId: "717AE700-78CC-4750-92CB-C9293571EC7D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*", matchCriteriaId: "CFD9AD54-9F0F-414B-8936-3A981657D6AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*", matchCriteriaId: "4B429106-36BE-42F2-8D05-FB9EF00BDFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*", matchCriteriaId: "F7D78E76-6A3B-4736-B7E7-C9032CDA845B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*", matchCriteriaId: "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.", }, { lang: "es", value: "En TVAPI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: DTV03961715; ID del problema: DTV03961715.", }, ], id: "CVE-2024-20002", lastModified: "2024-11-21T08:51:46.143", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-05T06:15:47.083", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }