Vulnerabilites related to mediatek - mt6980d
cve-2023-32840
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-09-05 15:06
Severity ?
EPSS score ?
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:44.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2731", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2735", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6731", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6739", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6761", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6762", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6763", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6767", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6771", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6771t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833p", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6880", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6890", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6891", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6893", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983w", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8667", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8675", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8781", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8786", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8789", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8797", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32840", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T15:06:09.151529Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-05T15:06:29.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, NR15, NR16, VMOLYN, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-06T03:50:57.414Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32840", datePublished: "2023-11-06T03:50:57.414Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-09-05T15:06:29.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20131
Vulnerability from cvelistv5
Published
2024-12-02 03:07
Modified
2024-12-03 04:55
Severity ?
EPSS score ?
Summary
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2737", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt2739:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2739", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6789", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6899", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986d", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6988:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6988", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6991", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8676", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8795t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20131", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-02T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T04:55:28.022Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2737, MT2739, MT6789, MT6813, MT6815, MT6835, MT6835T, MT6855, MT6878, MT6878T, MT6879, MT6886, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6988, MT6989, MT6990, MT6991, MT8673, MT8676, MT8795T, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-02T03:07:01.838Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20131", datePublished: "2024-12-02T03:07:01.838Z", dateReserved: "2023-11-02T13:35:35.181Z", dateUpdated: "2024-12-03T04:55:28.022Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20068
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2024-11-21 15:05
Severity ?
EPSS score ?
Summary
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20068", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-03T20:06:47.347209Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T15:05:30.216Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.742Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8675, MT8771, MT8791T, MT8792, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-03T02:04:47.010Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20068", datePublished: "2024-06-03T02:04:47.010Z", dateReserved: "2023-11-02T13:35:35.170Z", dateUpdated: "2024-11-21T15:05:30.216Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32841
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:45:59.231Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32841", datePublished: "2023-12-04T03:45:59.231Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20726
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2025-01-24 15:01
Severity ?
EPSS score ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:14:40.402Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/May-2023", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-20726", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-24T15:00:15.127141Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-24T15:01:08.247Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3", }, ], }, ], descriptions: [ { lang: "en", value: "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T00:00:00.000Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/May-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-20726", datePublished: "2023-05-15T00:00:00.000Z", dateReserved: "2022-10-28T00:00:00.000Z", dateUpdated: "2025-01-24T15:01:08.247Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20070
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2024-11-15 21:08
Severity ?
EPSS score ?
Summary
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20070", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-05T20:44:45.395748Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T21:08:38.398Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.781Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6990, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8786, MT8791T, MT8792, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-327", description: "CWE-327 Use of a Broken or Risky Cryptographic Algorithm", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-03T02:04:50.274Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20070", datePublished: "2024-06-03T02:04:50.274Z", dateReserved: "2023-11-02T13:35:35.171Z", dateUpdated: "2024-11-15T21:08:38.398Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32888
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:03.942Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32888", datePublished: "2024-01-02T02:50:03.942Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32845
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-28 19:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:45.095Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2735", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2737", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6297", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6298", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875t", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6880", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6890", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6891", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6893", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-32845", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T18:53:53.230062Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T19:32:20.281Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:04.973Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32845", datePublished: "2023-12-04T03:46:04.973Z", dateReserved: "2023-05-16T03:04:32.154Z", dateUpdated: "2024-08-28T19:32:20.281Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32886
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.466Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:00.224Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32886", datePublished: "2024-01-02T02:50:00.224Z", dateReserved: "2023-05-16T03:04:32.173Z", dateUpdated: "2024-08-02T15:32:46.466Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32846
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:06.378Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32846", datePublished: "2023-12-04T03:46:06.378Z", dateReserved: "2023-05-16T03:04:32.155Z", dateUpdated: "2024-08-02T15:32:46.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20150
Vulnerability from cvelistv5
Published
2025-01-06 03:17
Modified
2025-01-06 14:13
Severity ?
EPSS score ?
Summary
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20150", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-06T14:13:49.851498Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-06T14:13:53.673Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6880T, MT6880U, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8863", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, LR13, NR15, NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-06T03:17:56.513Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20150", datePublished: "2025-01-06T03:17:56.513Z", dateReserved: "2023-11-02T13:35:35.188Z", dateUpdated: "2025-01-06T14:13:53.673Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20151
Vulnerability from cvelistv5
Published
2025-01-06 03:17
Modified
2025-01-06 14:13
Severity ?
EPSS score ?
Summary
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20151", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-06T14:13:09.475011Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-06T14:13:12.730Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2737, MT2739, MT6789, MT6813, MT6815, MT6835, MT6835T, MT6855, MT6878, MT6878T, MT6879, MT6886, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6988, MT6989, MT6990, MT6991, MT8676, MT8678, MT8798, MT8863", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-06T03:17:58.239Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20151", datePublished: "2025-01-06T03:17:58.239Z", dateReserved: "2023-11-02T13:35:35.188Z", dateUpdated: "2025-01-06T14:13:12.730Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-20634
Vulnerability from cvelistv5
Published
2025-02-03 03:23
Modified
2025-03-18 13:36
Severity ?
EPSS score ?
Summary
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-20634", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T16:24:52.606649Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:36:09.562Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2737, MT6813, MT6835, MT6835T, MT6878, MT6878M, MT6879, MT6886, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8673, MT8676, MT8678, MT8795T, MT8798, MT8863", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17, NR17R", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-03T03:23:49.665Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2025-20634", datePublished: "2025-02-03T03:23:49.665Z", dateReserved: "2024-11-01T01:21:50.362Z", dateUpdated: "2025-03-18T13:36:09.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32890
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788 |
Version: Modem LR12A |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2731", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6767", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6768", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769t", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769z", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8667", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8765", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8786", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32890", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-03-04T20:40:04.105133Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:26:22.288Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A", }, ], }, ], descriptions: [ { lang: "en", value: "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-01T02:34:52.152Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32890", datePublished: "2024-01-02T02:50:07.545Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.533Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20039
Vulnerability from cvelistv5
Published
2024-04-01 02:34
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lr12a", vendor: "mediatek", versions: [ { lessThan: "moly01240012", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lr13", vendor: "mediatek", versions: [ { lessThan: "moly01240012", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr15", vendor: "mediatek", versions: [ { lessThan: "moly01240012", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr16", vendor: "mediatek", versions: [ { lessThan: "moly01240012", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr17", vendor: "mediatek", versions: [ { lessThan: "moly01240012", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20039", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-01T17:50:38.500889Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-01T14:27:16.305Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.735Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT2737, MT3967, MT6297, MT6298, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8676, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, LR13, NR15, NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-01T02:34:49.330Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20039", datePublished: "2024-04-01T02:34:49.330Z", dateReserved: "2023-11-02T13:35:35.153Z", dateUpdated: "2024-08-01T21:52:31.735Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32844
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:03.547Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32844", datePublished: "2023-12-04T03:46:03.547Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.588Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20066
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2025-03-27 15:50
Severity ?
EPSS score ?
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8792, MT8798 |
Version: Modem NR16, NR17 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6298", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6899", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986d", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6991", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8792", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20066", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-27T20:28:28.850845Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-27T15:50:05.143Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8792, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-03T02:04:43.910Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20066", datePublished: "2024-06-03T02:04:43.910Z", dateReserved: "2023-11-02T13:35:35.170Z", dateUpdated: "2025-03-27T15:50:05.143Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32842
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:44.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:00.658Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32842", datePublished: "2023-12-04T03:46:00.658Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:44.816Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32887
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.752Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:02.182Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32887", datePublished: "2024-01-02T02:50:02.182Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.752Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32891
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.477Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2713, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8173, MT8175, MT8188, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8786, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 12.0, 13.0", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:11.129Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32891", datePublished: "2024-01-02T02:50:11.129Z", dateReserved: "2023-05-16T03:04:32.175Z", dateUpdated: "2024-08-02T15:32:46.477Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-20644
Vulnerability from cvelistv5
Published
2025-03-03 02:25
Modified
2025-03-04 16:21
Severity ?
EPSS score ?
Summary
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-20644", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-04T16:20:32.825212Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-04T16:21:10.735Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8673, MT8791T, MT8795T, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1286", description: "CWE-1286 Syntactic Correctness", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-03T02:25:27.877Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/March-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2025-20644", datePublished: "2025-03-03T02:25:27.877Z", dateReserved: "2024-11-01T01:21:50.365Z", dateUpdated: "2025-03-04T16:21:10.735Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-20659
Vulnerability from cvelistv5
Published
2025-04-07 03:14
Modified
2025-04-07 14:18
Severity ?
EPSS score ?
Summary
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2025-20659", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-07T14:17:04.517691Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-07T14:18:54.949Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8791T, MT8796, MT8797, MT8798, MT8863", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, LR13, NR15, NR16, NR17, NR17R", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-07T03:14:54.034Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/April-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2025-20659", datePublished: "2025-04-07T03:14:54.034Z", dateReserved: "2024-11-01T01:21:50.367Z", dateUpdated: "2025-04-07T14:18:54.949Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32874
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2025-04-17 18:53
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.706Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32874", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-01-09T05:00:41.266721Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-17T18:53:25.930Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR13 NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:49:38.153Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32874", datePublished: "2024-01-02T02:49:38.153Z", dateReserved: "2023-05-16T03:04:32.171Z", dateUpdated: "2025-04-17T18:53:25.930Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32843
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:02.107Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32843", datePublished: "2023-12-04T03:46:02.107Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-04-25 18:38
Severity ?
Summary
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8765 | - | |
| mediatek | mt8766 | - | |
| mediatek | mt8768 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.", }, { lang: "es", value: "En los módems, existe una posible divulgación de información debido al uso de algoritmos criptográficos riesgosos durante la negociación del establecimiento de la conexión. Esto podría conducir a la divulgación remota de información, cuando se utiliza un algoritmo de cifrado débil, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00942482; ID del problema: MSV-1469.", }, ], id: "CVE-2024-20070", lastModified: "2025-04-25T18:38:13.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 2.5, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-06-03T02:15:09.093", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130204; ID del problema: MOLY01130204 (MSV-849).", }, ], id: "CVE-2023-32843", lastModified: "2024-11-21T08:04:10.123", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.463", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).", }, { lang: "es", value: "En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161830; ID del problema: MOLY01161830 (MSV-894).", }, ], id: "CVE-2023-32888", lastModified: "2024-11-21T08:04:16.657", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.493", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 08:04
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*", matchCriteriaId: "8BF784DB-3560-4045-BB32-F12DCF4C43B1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*", matchCriteriaId: "F8D4D6DB-C22A-470D-B799-651E7FB9B602", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).", }, { lang: "es", value: "En modem CCCI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. También puede ser necesaria la interacción del usuario para la explotación. ID de parche: MOLY01138425; ID del problema: MOLY01138425 (MSV-862).", }, ], id: "CVE-2023-32840", lastModified: "2024-11-21T08:04:09.620", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-11-06T04:15:08.097", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2025-03-03 03:15
Modified
2025-04-22 13:48
Severity ?
Summary
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/March-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6855t | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6877tt | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895tt | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6989t | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", matchCriteriaId: "083F6134-FF26-4F1B-9B77-971D342AF774", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*", matchCriteriaId: "5D4D6885-E18C-477F-8B6D-B9E84D9535E2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*", matchCriteriaId: "2141B30A-C56F-4831-8FCD-4758DF97AD18", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*", matchCriteriaId: "6309AE48-7266-435C-B906-50960F643FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", matchCriteriaId: "78D4E9E1-B044-41EC-BE98-22DC0E5E9010", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.", }, { lang: "es", value: "En el módem, existe una posible corrupción de memoria debido a una gestión incorrecta de errores. Esto podría provocar una denegación de servicio remota, si un UE se ha conectado a una estación base no autorizada controlada por el atacante, sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. ID de parche: MOLY01525673; ID de problema: MSV-2747.", }, ], id: "CVE-2025-20644", lastModified: "2025-04-22T13:48:09.680", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-03-03T03:15:09.173", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/March-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-1286", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).", }, { lang: "es", value: "En Modem IMS Stack, existe un posible fallo del sistema debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161837; ID del problema: MOLY01161837 (MSV-892).", }, ], id: "CVE-2023-32887", lastModified: "2024-11-21T08:04:16.530", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.450", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01128524 (MSV-846).", }, ], id: "CVE-2023-32841", lastModified: "2024-11-21T08:04:09.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.347", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130256; ID del problema: MOLY01130256 (MSV-848).", }, ], id: "CVE-2023-32842", lastModified: "2024-11-21T08:04:10.000", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.417", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", matchCriteriaId: "879FFD0C-9B38-4CAA-B057-1086D794D469", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.", }, { lang: "es", value: "En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07933038; ID del problema: MSV-559.", }, ], id: "CVE-2023-32891", lastModified: "2024-11-21T08:04:17.120", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.633", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-03-27 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6986 | - | |
| mediatek | mt6986d | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.", }, { lang: "es", value: "En el módem, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01267281; ID del problema: MSV-1477.", }, ], id: "CVE-2024-20066", lastModified: "2025-03-27T16:15:21.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-06-03T02:15:08.630", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-04-07 04:15
Modified
2025-04-11 13:06
Severity ?
Summary
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/April-2025 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt2735_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A0D40745-FA7E-40DF-BCA6-24CECBB0AE43", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt2737_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "85F4E58C-A9BC-4116-A844-B94C6B6566FA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6739_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "14B94ECB-CAD4-499C-8959-1713FC5CE423", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6761_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2493FB05-7723-4CDD-AC2A-8B21C4285436", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6762_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "712798EA-AE09-4053-9124-E16E1FB309F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6762d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A307C6DB-5B27-4E76-B054-D2953546259A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6762m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8BBF1063-8378-4AA9-B21F-3D9CFFFB6964", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6763_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7545A96-E05D-4A48-818C-5F172C594F54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6765_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "43327018-578C-4997-81B9-6DBD3679E40C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6765t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9D33F2D1-D2D1-43DC-B21C-F8D5C8AF19F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6767_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B0ED6AF6-9F84-47AB-8D9D-F5BBFD851093", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6768_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "16EF9082-FC9B-4790-A79D-AA62C62E4B88", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6769_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C435FED6-829E-4788-A61C-92A2250872AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6769k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E2F8F016-0B0F-44C8-8E9A-23A02ED0F684", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6769k:-:*:*:*:*:*:*:*", matchCriteriaId: "2B0EFB31-7B79-4529-A978-FA227D77F9F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6769s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA8E0216-44D5-48E5-983D-1517166A318C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6769s:-:*:*:*:*:*:*:*", matchCriteriaId: "2DD67454-1786-4BC7-B97E-96898F5FE3AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6769t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E05B133C-4842-4753-86A6-6A7AF27F9C43", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6769z_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "98EC4151-3229-418D-8B6C-7DA4148A435E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6771_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4C98C5B2-1B08-4E46-A845-3B19EE801A9E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6779_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2C031857-65FD-4644-AF44-F9D09303472D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6781_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23F92B7C-A5A3-4F32-B4BF-CBE706D79702", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6783_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "21ABBF98-6C62-4C4E-AF1E-4EB94D20544C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6785_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2569740E-FAF9-4324-9399-F6C0A03D4C25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6785t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7A18DF91-6FBC-4AA3-874A-2B805CC787A0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6785u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "792E371B-F090-4C3D-A0F2-C78A4FB87606", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6785u:-:*:*:*:*:*:*:*", matchCriteriaId: "14DD4149-ACBE-47B8-B52E-7CE8EECA3615", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6789_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "524AB96D-4C15-47A6-B276-6B873796E8F3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6813_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0E1CB25C-4643-4239-AE47-B5AE876416ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6833_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BA0F3AD5-4D2B-4480-AA79-44EFD4E29348", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6833p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D6EFAB26-B3EA-4B99-9E9C-65E5C9C6FFB2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00B1D726-8183-4667-B46D-18EF110EA9D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6835t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D77529-4964-4C35-A59F-77B4BDDCE330", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6853_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAA5C86-701B-4116-8A63-EB89B3DC2B93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6853t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3295E913-2375-4544-9A83-E8B8A09AA5C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6855_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E997ED4F-33F3-4508-9B12-99DBA0D845B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6855t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6AF56827-7662-4D83-9E73-E88F5EC1B491", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", matchCriteriaId: "083F6134-FF26-4F1B-9B77-971D342AF774", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6873_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3E12A313-E835-4912-9392-E33428C1AC78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6875_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5228A4E6-9E36-41E4-A157-3CBA6C79DE06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6875t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "91282EE2-B5FE-48E7-9ED2-FC6AE27AF83D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6877_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "07F67D59-75F0-4056-BCCE-F7888912CAB3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6877t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DFF3BF-9D3F-4A65-8077-98B99B18575F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6877tt_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AAC1EDAC-15A9-42FB-9A84-0B0CD0FEDD09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*", matchCriteriaId: "5D4D6885-E18C-477F-8B6D-B9E84D9535E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "207954E6-D413-4762-9F4A-3A147CFB4FE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6878m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7F6DF220-C31F-479D-A8D3-125BEA0E1E16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*", matchCriteriaId: "483B6FB0-D683-4F3C-BA5B-6C9852179854", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6879_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "502901D0-8B2D-449A-A2D6-E8914D5D4239", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6880_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1A5C1637-BAC7-47C0-AD84-B0404083A857", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6883_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "22321E12-7EB8-46B7-ABB6-23ACC1436EFD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6885_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8A6E25F4-C394-4830-8EC3-2AF0563F5032", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6886_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E10F9AFE-9F99-4B91-BF26-49E035FC8079", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6889_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD17D854-2394-483D-B8E2-FDA1BC837DAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6890_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BB9AC17B-5ED8-4B58-A7A0-B146DD1DD244", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6891_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "089C2A15-9566-4140-AA86-E8906E05660C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6893_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0A272644-3BC4-438B-BAC0-DDF164BF4097", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6895_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "110CBA4A-26A6-4E4E-A0C6-35FA02A6D4AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6895tt_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CAF47A49-59C2-48C6-9A8F-3386EEE218F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*", matchCriteriaId: "2141B30A-C56F-4831-8FCD-4758DF97AD18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6896_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "662B041E-793C-4F30-A018-6212A4781390", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A04EA650-730F-4E5D-A0E0-90570CACDD5E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BEBA484A-EC07-4D3D-80CD-BDE9E7807F71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6980_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BB98938B-ED9E-4459-BA32-B1679E4B0DB7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6980d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63E39158-4501-494C-B989-4572AB72E970", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6983_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "967E956F-07B4-4957-9C84-DDB5C38E5E69", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6983t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F9C5AF3F-20BA-4224-9B66-B963F52021E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6985_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA30A145-D98E-4DA7-84C7-377402951190", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6985t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E57C9579-723A-49B3-8AEB-B47438259346", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E495B8EB-C9B5-4F32-AEE2-D2C41C0B292B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6989t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "22CD5A7E-F5AB-41FB-9A35-D7F4BF7AE72A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*", matchCriteriaId: "6309AE48-7266-435C-B906-50960F643FC8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6990_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7273471C-6471-43C7-82DE-8551CFC9C39A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D9DD2119-39E8-4A9C-8E2A-8FB7F92A1001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8666_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9BC2E651-1240-4250-BE65-AF889B3FB7E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8667_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B83A0689-C64C-4741-93C8-96482901C7C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8673_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "84687740-E3E8-4E57-8652-7C13C68E9C81", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8675_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C0C0F1-A7BA-4CDF-AD61-5E8DF981C9F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "645D7C99-A0A0-4FB0-97AC-3DA5161A44D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CFEC7A7B-6948-4B8A-BFA1-9F9D07043605", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", matchCriteriaId: "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8765_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8101C877-8499-4B45-9478-17A6A242E1B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8766_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "215862D7-BF3D-4955-BCFF-48778190EEB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8768_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "303069C6-F031-4176-9465-46F4134BB423", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8771_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9F17C468-79B8-4FD6-8AB2-80E8781EAEEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7E2280E5-F903-4541-8404-9F789CEFF172", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8786_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "88A514F4-3EAF-45FB-8736-4A015E4DEB4E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD62F681-A2D1-4A8B-B087-7835ED500D69", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8788e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "65B4F295-BF35-4A71-8567-CB1B367D80E9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*", matchCriteriaId: "CEDF887A-1862-4336-ABFC-371838E1D029", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6D15A887-AC6B-4458-8355-8505742F4FC2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8796_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC17C8D-377F-4343-BE7E-359224912061", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*", matchCriteriaId: "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8797_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20E2FBC8-3C13-4663-8BFF-AA6B66F3F260", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8798_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C91FB79A-E095-40BB-8141-240D69CAB131", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:mt8863_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "03A3F0E1-3226-4CB5-AE9F-BDA327590107", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*", matchCriteriaId: "77E0D738-F0B9-468F-8A10-204F498320BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.", }, { lang: "es", value: "En el módem, existe un posible fallo del sistema debido a una validación de entrada incorrecta. Esto podría provocar una denegación de servicio remota si un UE se conecta a una estación base no autorizada controlada por el atacante, sin necesidad de privilegios de ejecución adicionales. No se requiere la interacción del usuario para su explotación. ID de parche: MOLY01519028; ID de problema: MSV-2768.", }, ], id: "CVE-2025-20659", lastModified: "2025-04-11T13:06:13.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-04-07T04:15:19.820", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01139296 (MSV-860).", }, ], id: "CVE-2023-32845", lastModified: "2024-11-21T08:04:10.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.567", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 22:15
Modified
2025-01-24 15:15
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", matchCriteriaId: "397C75CA-D217-4617-B8B1-80F74CFB04CE", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*", matchCriteriaId: "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56", vulnerable: true, }, { criteria: "cpe:2.3:a:rdkcentral:rdkb:2022q3:*:*:*:*:*:*:*", matchCriteriaId: "295DD4FC-E943-412D-A63E-260C0F3887FC", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", matchCriteriaId: "879FFD0C-9B38-4CAA-B057-1086D794D469", vulnerable: true, }, { criteria: "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", matchCriteriaId: "4FA469E2-9E63-4C9A-8EBA-10C8C870063A", vulnerable: true, }, { criteria: "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", matchCriteriaId: "F0133207-2EED-4625-854F-8DB7770D5BF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", matchCriteriaId: "46F71838-4E50-4F2A-9EB8-30AE5DF8511E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", matchCriteriaId: "3B5FE245-6346-4078-A3D0-E5F79BB636B8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", matchCriteriaId: "3CE2FC35-716A-4706-97BA-5DB165041580", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", matchCriteriaId: "4452EFCF-5733-40A0-8726-F8E33E569411", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", matchCriteriaId: "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", matchCriteriaId: "793B7F88-79E7-4031-8AD0-35C9BFD073C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).", }, ], id: "CVE-2023-20726", lastModified: "2025-01-24T15:15:09.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-15T22:15:11.433", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/May-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/May-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-01 03:15
Modified
2025-04-23 13:48
Severity ?
Summary
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt3967:-:*:*:*:*:*:*:*", matchCriteriaId: "4F7108A7-4925-45DF-8705-04F147DB5CF2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785u:-:*:*:*:*:*:*:*", matchCriteriaId: "14DD4149-ACBE-47B8-B52E-7CE8EECA3615", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*", matchCriteriaId: "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.", }, { lang: "es", value: "En el protocolo de módem, existe una posible escritura fuera de los límites debido a una comprobación de los límites faltantes. Esto podría conducir a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01240012; ID del problema: MSV-1215.", }, ], id: "CVE-2024-20039", lastModified: "2025-04-23T13:48:41.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-04-01T03:15:07.780", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-02 04:15
Modified
2025-04-22 13:56
Severity ?
Summary
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/December-2024 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt2739 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6835t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6878t | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6986 | - | |
| mediatek | mt6986d | - | |
| mediatek | mt6988 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2739:-:*:*:*:*:*:*:*", matchCriteriaId: "7F273033-3332-45C6-B620-A6800D35284C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878t:-:*:*:*:*:*:*:*", matchCriteriaId: "CE9875F3-794F-4D3A-B450-8FEA21ECCB2A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6988:-:*:*:*:*:*:*:*", matchCriteriaId: "ADB95144-97C3-4329-99DB-CB1B6FBB8A2D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", matchCriteriaId: "78D4E9E1-B044-41EC-BE98-22DC0E5E9010", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873.", }, { lang: "es", value: "En el módem, existe una posible escalada de privilegios debido a una verificación de los límites incorrecta. Esto podría provocar una escalada local de privilegios, siendo necesarios los permisos de ejecución de System. No se necesita la interacción del usuario para la explotación. ID de parche: MOLY01395886; ID de problema: MSV-1873.", }, ], id: "CVE-2024-20131", lastModified: "2025-04-22T13:56:27.550", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-12-02T04:15:05.337", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-02-03 04:15
Modified
2025-03-18 14:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/February-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | nr17r | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6835t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6878m | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895tt | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6989t | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8863 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17r:-:*:*:*:*:*:*:*", matchCriteriaId: "BC63582A-F9A5-4450-A263-CE1FD4B4F3AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*", matchCriteriaId: "483B6FB0-D683-4F3C-BA5B-6C9852179854", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*", matchCriteriaId: "2141B30A-C56F-4831-8FCD-4758DF97AD18", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*", matchCriteriaId: "6309AE48-7266-435C-B906-50960F643FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", matchCriteriaId: "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", matchCriteriaId: "78D4E9E1-B044-41EC-BE98-22DC0E5E9010", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*", matchCriteriaId: "77E0D738-F0B9-468F-8A10-204F498320BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.", }, { lang: "es", value: "En el módem, existe una posible escritura fuera de los límites debido a un neutra. Esto podría provocar la ejecución remota de código, si un UE se ha conectado a una estación base no autorizada controlada por el atacante, sin necesidad de privilegios de ejecución adicionales. No se necesita la interacción del usuario para la explotación. ID de parche: MOLY01289384; ID de problema: MSV-2436.", }, ], id: "CVE-2025-20634", lastModified: "2025-03-18T14:15:41.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-02-03T04:15:08.423", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-04-25 18:38
Severity ?
Summary
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6986 | - | |
| mediatek | mt6986d | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8771 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.", }, { lang: "es", value: "En el módem, existe una posible falla del sistema debido a una validación de entrada incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01270721; ID del problema: MSV-1479.", }, ], id: "CVE-2024-20068", lastModified: "2025-04-25T18:38:30.833", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-06-03T02:15:08.873", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*", matchCriteriaId: "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.", }, { lang: "es", value: "En el módem IMS SMS UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00730807; ID del problema: MOLY00730807.", }, ], id: "CVE-2023-32886", lastModified: "2024-11-21T08:04:16.400", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.400", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01138453 (MSV-861).", }, ], id: "CVE-2023-32846", lastModified: "2024-11-21T08:04:10.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.613", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-06 04:15
Modified
2025-04-22 13:50
Severity ?
Summary
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/January-2025 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769k:-:*:*:*:*:*:*:*", matchCriteriaId: "2B0EFB31-7B79-4529-A978-FA227D77F9F4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769s:-:*:*:*:*:*:*:*", matchCriteriaId: "2DD67454-1786-4BC7-B97E-96898F5FE3AF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785u:-:*:*:*:*:*:*:*", matchCriteriaId: "14DD4149-ACBE-47B8-B52E-7CE8EECA3615", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", matchCriteriaId: "083F6134-FF26-4F1B-9B77-971D342AF774", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*", matchCriteriaId: "5D4D6885-E18C-477F-8B6D-B9E84D9535E2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*", matchCriteriaId: "483B6FB0-D683-4F3C-BA5B-6C9852179854", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FC6FBA-54B7-4F06-A9CA-939455387175", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880u:-:*:*:*:*:*:*:*", matchCriteriaId: "ED414E75-91F0-4A98-9EE1-D072B7A72F8A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*", matchCriteriaId: "2141B30A-C56F-4831-8FCD-4758DF97AD18", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*", matchCriteriaId: "6309AE48-7266-435C-B906-50960F643FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", matchCriteriaId: "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*", matchCriteriaId: "CEDF887A-1862-4336-ABFC-371838E1D029", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", matchCriteriaId: "78D4E9E1-B044-41EC-BE98-22DC0E5E9010", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*", matchCriteriaId: "77E0D738-F0B9-468F-8A10-204F498320BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.", }, { lang: "es", value: "En Modem, es posible que se produzca un bloqueo del sistema debido a un error lógico. Esto podría provocar una denegación de servicio remota sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. ID de parche: MOLY01412526; ID de problema: MSV-2018.", }, ], id: "CVE-2024-20150", lastModified: "2025-04-22T13:50:21.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-01-06T04:15:07.307", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01130183 (MSV-850).", }, ], id: "CVE-2023-32844", lastModified: "2024-11-21T08:04:10.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.510", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2025-04-17 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).", }, { lang: "es", value: "En Modem IMS Stack, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría conducir a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161803; ID del problema: MOLY01161803 (MSV-893).", }, ], id: "CVE-2023-32874", lastModified: "2025-04-17T19:15:55.677", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-01-02T03:15:07.833", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-06 04:15
Modified
2025-04-21 17:13
Severity ?
Summary
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/January-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt2739 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6835t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6878t | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6986 | - | |
| mediatek | mt6986d | - | |
| mediatek | mt6988 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8863 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2739:-:*:*:*:*:*:*:*", matchCriteriaId: "7F273033-3332-45C6-B620-A6800D35284C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878t:-:*:*:*:*:*:*:*", matchCriteriaId: "CE9875F3-794F-4D3A-B450-8FEA21ECCB2A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6988:-:*:*:*:*:*:*:*", matchCriteriaId: "ADB95144-97C3-4329-99DB-CB1B6FBB8A2D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", matchCriteriaId: "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*", matchCriteriaId: "77E0D738-F0B9-468F-8A10-204F498320BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928.", }, { lang: "es", value: "En Modem, es posible que se produzca una escritura fuera de los límites debido a una comprobación incorrecta de los límites. Esto podría provocar una escalada local de privilegios si un actor malintencionado ya ha obtenido el privilegio del sistema. No se necesita la interacción del usuario para la explotación. ID de parche: MOLY01399339; ID de problema: MSV-1928.", }, ], id: "CVE-2024-20151", lastModified: "2025-04-21T17:13:45.390", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-01-06T04:15:07.413", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).", }, { lang: "es", value: "En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01183647; ID del problema: MOLY01183647 (MSV-963).", }, ], id: "CVE-2023-32890", lastModified: "2024-11-21T08:04:16.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-01-02T03:15:08.587", references: [ { source: "security@mediatek.com", url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }