Vulnerabilites related to mediatek - mt6298
Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-04-25 18:38
Summary
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.",
      },
      {
         lang: "es",
         value: "En los módems, existe una posible divulgación de información debido al uso de algoritmos criptográficos riesgosos durante la negociación del establecimiento de la conexión. Esto podría conducir a la divulgación remota de información, cuando se utiliza un algoritmo de cifrado débil, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00942482; ID del problema: MSV-1469.",
      },
   ],
   id: "CVE-2024-20070",
   lastModified: "2025-04-25T18:38:13.850",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "LOW",
               baseScore: 5.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.5,
            impactScore: 2.5,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-06-03T02:15:09.093",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-327",
            },
         ],
         source: "security@mediatek.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-327",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130204; ID del problema: MOLY01130204 (MSV-849).",
      },
   ],
   id: "CVE-2023-32843",
   lastModified: "2024-11-21T08:04:10.123",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.463",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01128524 (MSV-846).",
      },
   ],
   id: "CVE-2023-32841",
   lastModified: "2024-11-21T08:04:09.867",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.347",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130256; ID del problema: MOLY01130256 (MSV-848).",
      },
   ],
   id: "CVE-2023-32842",
   lastModified: "2024-11-21T08:04:10.000",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.417",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-03-27 16:15
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.",
      },
      {
         lang: "es",
         value: "En el módem, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01267281; ID del problema: MSV-1477.",
      },
   ],
   id: "CVE-2024-20066",
   lastModified: "2025-03-27T16:15:21.380",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-06-03T02:15:08.630",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "security@mediatek.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01139296 (MSV-860).",
      },
   ],
   id: "CVE-2023-32845",
   lastModified: "2024-11-21T08:04:10.380",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.567",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-04-01 03:15
Modified
2025-04-23 13:48
Summary
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt3967:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F7108A7-4925-45DF-8705-04F147DB5CF2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6785u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "14DD4149-ACBE-47B8-B52E-7CE8EECA3615",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.",
      },
      {
         lang: "es",
         value: "En el protocolo de módem, existe una posible escritura fuera de los límites debido a una comprobación de los límites faltantes. Esto podría conducir a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01240012; ID del problema: MSV-1215.",
      },
   ],
   id: "CVE-2024-20039",
   lastModified: "2025-04-23T13:48:41.747",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-04-01T03:15:07.780",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/April-2024",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/April-2024",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-04-25 18:38
Summary
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.",
      },
      {
         lang: "es",
         value: "En el módem, existe una posible falla del sistema debido a una validación de entrada incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01270721; ID del problema: MSV-1479.",
      },
   ],
   id: "CVE-2024-20068",
   lastModified: "2025-04-25T18:38:30.833",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-06-03T02:15:08.873",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "security@mediatek.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01138453 (MSV-861).",
      },
   ],
   id: "CVE-2023-32846",
   lastModified: "2024-11-21T08:04:10.520",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.613",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).",
      },
      {
         lang: "es",
         value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01130183 (MSV-850).",
      },
   ],
   id: "CVE-2023-32844",
   lastModified: "2024-11-21T08:04:10.253",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T04:15:07.510",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2024-20068
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2024-11-21 15:05
Summary
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 5.9,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "NONE",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-20068",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-03T20:06:47.347209Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T15:05:30.216Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:31.742Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8675, MT8771, MT8791T, MT8792, MT8797, MT8798",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR16, NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-03T02:04:47.010Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2024-20068",
      datePublished: "2024-06-03T02:04:47.010Z",
      dateReserved: "2023-11-02T13:35:35.170Z",
      dateUpdated: "2024-11-21T15:05:30.216Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32841
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:46.440Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:45:59.231Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32841",
      datePublished: "2023-12-04T03:45:59.231Z",
      dateReserved: "2023-05-16T03:04:32.153Z",
      dateUpdated: "2024-08-02T15:32:46.440Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20070
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2024-11-15 21:08
Summary
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "LOCAL",
                     availabilityImpact: "LOW",
                     baseScore: 5.1,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "LOW",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-20070",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-05T20:44:45.395748Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T21:08:38.398Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:31.781Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6990, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8786, MT8791T, MT8792, MT8797, MT8798",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-327",
                     description: "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-03T02:04:50.274Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2024-20070",
      datePublished: "2024-06-03T02:04:50.274Z",
      dateReserved: "2023-11-02T13:35:35.171Z",
      dateUpdated: "2024-11-15T21:08:38.398Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32845
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-28 19:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:45.095Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt2735",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt2737",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6297",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6298",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6813",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6815",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6833",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6835",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6853",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6855",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6873",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6875",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6875t",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6877",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6879",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6880",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6883",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6885",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6886",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6889",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6890",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6891",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6893",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6895",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6895t",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6896",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6897",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6980",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6980d",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6983",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6985",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6989",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6990",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "modem_nr15_nr16_nr17",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-32845",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-28T18:53:53.230062Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-28T19:32:20.281Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:46:04.973Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32845",
      datePublished: "2023-12-04T03:46:04.973Z",
      dateReserved: "2023-05-16T03:04:32.154Z",
      dateUpdated: "2024-08-28T19:32:20.281Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32846
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:46.543Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:46:06.378Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32846",
      datePublished: "2023-12-04T03:46:06.378Z",
      dateReserved: "2023-05-16T03:04:32.155Z",
      dateUpdated: "2024-08-02T15:32:46.543Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20039
Vulnerability from cvelistv5
Published
2024-04-01 02:34
Modified
2024-08-01 21:52
Summary
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "lr12a",
                  vendor: "mediatek",
                  versions: [
                     {
                        lessThan: "moly01240012",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "lr13",
                  vendor: "mediatek",
                  versions: [
                     {
                        lessThan: "moly01240012",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nr15",
                  vendor: "mediatek",
                  versions: [
                     {
                        lessThan: "moly01240012",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nr16",
                  vendor: "mediatek",
                  versions: [
                     {
                        lessThan: "moly01240012",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nr17",
                  vendor: "mediatek",
                  versions: [
                     {
                        lessThan: "moly01240012",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 8.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-20039",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-01T17:50:38.500889Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-787",
                        description: "CWE-787 Out-of-bounds Write",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-01T14:27:16.305Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:31.735Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/April-2024",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2731, MT2735, MT2737, MT3967, MT6297, MT6298, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8676, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem LR12A, LR13, NR15, NR16, NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Remote Code Execution",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-04-01T02:34:49.330Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/April-2024",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2024-20039",
      datePublished: "2024-04-01T02:34:49.330Z",
      dateReserved: "2023-11-02T13:35:35.153Z",
      dateUpdated: "2024-08-01T21:52:31.735Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32844
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:46.588Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:46:03.547Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32844",
      datePublished: "2023-12-04T03:46:03.547Z",
      dateReserved: "2023-05-16T03:04:32.153Z",
      dateUpdated: "2024-08-02T15:32:46.588Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20066
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2025-03-27 15:50
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6298",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6813",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6815",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6835",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6878",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6879",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6895",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6895t",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6896",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6897",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6899",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6980",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6980d",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6983",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6986",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6986d",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6990",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt6991",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt8673",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt8792",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mt8798",
                  vendor: "mediatek",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "NONE",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-20066",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-27T20:28:28.850845Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-27T15:50:05.143Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:31.671Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8792, MT8798",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR16, NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-03T02:04:43.910Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/June-2024",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2024-20066",
      datePublished: "2024-06-03T02:04:43.910Z",
      dateReserved: "2023-11-02T13:35:35.170Z",
      dateUpdated: "2025-03-27T15:50:05.143Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32842
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:44.816Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:46:00.658Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32842",
      datePublished: "2023-12-04T03:46:00.658Z",
      dateReserved: "2023-05-16T03:04:32.153Z",
      dateUpdated: "2024-08-02T15:32:44.816Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32843
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:32:46.547Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Modem NR15, NR16, and NR17",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-04T03:46:02.107Z",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               url: "https://corp.mediatek.com/product-security-bulletin/December-2023",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2023-32843",
      datePublished: "2023-12-04T03:46:02.107Z",
      dateReserved: "2023-05-16T03:04:32.153Z",
      dateUpdated: "2024-08-02T15:32:46.547Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}