Vulnerabilites related to mediatek - nr16
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*", matchCriteriaId: "BFEBC79B-E936-4499-8B2D-C6619C51B755", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*", matchCriteriaId: "32EA5EB6-EBC1-4660-9E03-616CDB25C417", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*", matchCriteriaId: "387D7FC2-2146-4565-9B9B-D84EF686DBA5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*", matchCriteriaId: "BCEE78CC-80F8-4C4F-92BA-378AAA85F087", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", matchCriteriaId: "C82E144B-0BAD-47E1-A657-3A5880988FE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*", matchCriteriaId: "4E76B29F-007E-4445-B3F3-3FDC054FEB84", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*", matchCriteriaId: "F51C9D91-A64F-446E-BC14-7C79B770C3A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*", matchCriteriaId: "12A1CB8F-3C1C-4374-8D46-23175D1174DE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*", matchCriteriaId: "47BE9434-12D6-4801-8B04-7F18AF58E717", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*", matchCriteriaId: "B4C27948-65A7-4B1E-9F10-6744D176A5C3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*", matchCriteriaId: "424A75C9-2A15-4B00-B0B7-703A4840CC1D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*", matchCriteriaId: "B15C285A-0A26-46F7-9D72-CCADC47D93B0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*", matchCriteriaId: "C387CFFD-BAE4-4626-8AC3-7C9CFB6819FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*", matchCriteriaId: "CE7CC141-E2D6-4F28-B6F0-167E11869CD1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*", matchCriteriaId: "45A7A805-EFED-47B3-884C-158FF1EECAEC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*", matchCriteriaId: "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.", }, { lang: "es", value: "En Modem 2G RR, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una ejecución de código remota cuando son descodificados datos de celdas vecinas de paquetes GPRS (PNCD) de tamaño inapropiado sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. ID del parche: MOLY00810064; ID de Incidencia: ALPS06641626", }, ], id: "CVE-2022-21744", lastModified: "2024-11-21T06:45:21.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-06T14:15:17.027", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130204; ID del problema: MOLY01130204 (MSV-849).", }, ], id: "CVE-2023-32843", lastModified: "2024-11-21T08:04:10.123", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.463", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).", }, { lang: "es", value: "En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161830; ID del problema: MOLY01161830 (MSV-894).", }, ], id: "CVE-2023-32888", lastModified: "2024-11-21T08:04:16.657", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.493", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 08:04
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*", matchCriteriaId: "8BF784DB-3560-4045-BB32-F12DCF4C43B1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*", matchCriteriaId: "F8D4D6DB-C22A-470D-B799-651E7FB9B602", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).", }, { lang: "es", value: "En modem CCCI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. También puede ser necesaria la interacción del usuario para la explotación. ID de parche: MOLY01138425; ID del problema: MOLY01138425 (MSV-862).", }, ], id: "CVE-2023-32840", lastModified: "2024-11-21T08:04:09.620", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-11-06T04:15:08.097", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).", }, { lang: "es", value: "En Modem IMS Stack, existe un posible fallo del sistema debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161837; ID del problema: MOLY01161837 (MSV-892).", }, ], id: "CVE-2023-32887", lastModified: "2024-11-21T08:04:16.530", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.450", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01128524 (MSV-846).", }, ], id: "CVE-2023-32841", lastModified: "2024-11-21T08:04:09.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.347", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01130256; ID del problema: MOLY01130256 (MSV-848).", }, ], id: "CVE-2023-32842", lastModified: "2024-11-21T08:04:10.000", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.417", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 11.0 | ||
| android | 12.0 | ||
| android | 13.0 | ||
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", matchCriteriaId: "879FFD0C-9B38-4CAA-B057-1086D794D469", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.", }, { lang: "es", value: "En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07933038; ID del problema: MSV-559.", }, ], id: "CVE-2023-32891", lastModified: "2024-11-21T08:04:17.120", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.633", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-03 02:15
Modified
2025-03-27 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6986 | - | |
| mediatek | mt6986d | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", matchCriteriaId: "1F419FE2-2D6D-48EE-9B6C-E88AC5D44186", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", matchCriteriaId: "68AA1CF7-F1CB-44A0-980E-DB32D9E379B9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.", }, { lang: "es", value: "En el módem, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01267281; ID del problema: MSV-1477.", }, ], id: "CVE-2024-20066", lastModified: "2025-03-27T16:15:21.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-06-03T02:15:08.630", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01139296 (MSV-860).", }, ], id: "CVE-2023-32845", lastModified: "2024-11-21T08:04:10.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.567", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-06 04:15
Modified
2024-11-21 07:41
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.", }, { lang: "es", value: "En 5G NRLC, existe un posible acceso no válido a la memoria debido a la falta de manejo de errores. Esto podría provocar una denegación remota de servicio, si el UE recibiera un rlc sdu de 1 byte no válido, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00921261; ID del problema: MOLY01128895.", }, ], id: "CVE-2023-20702", lastModified: "2024-11-21T07:41:22.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-11-06T04:15:07.653", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-02-03 04:15
Modified
2025-03-18 14:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/February-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | nr17r | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6835t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6878m | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895tt | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6989t | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8795t | - | |
| mediatek | mt8798 | - | |
| mediatek | mt8863 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17r:-:*:*:*:*:*:*:*", matchCriteriaId: "BC63582A-F9A5-4450-A263-CE1FD4B4F3AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*", matchCriteriaId: "C7FE7DBA-479C-402B-8485-9D14E70F25EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*", matchCriteriaId: "483B6FB0-D683-4F3C-BA5B-6C9852179854", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*", matchCriteriaId: "2141B30A-C56F-4831-8FCD-4758DF97AD18", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*", matchCriteriaId: "6309AE48-7266-435C-B906-50960F643FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", matchCriteriaId: "CBBB30DF-E963-4940-B742-F6801F68C3FC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", matchCriteriaId: "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*", matchCriteriaId: "78D4E9E1-B044-41EC-BE98-22DC0E5E9010", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*", matchCriteriaId: "77E0D738-F0B9-468F-8A10-204F498320BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.", }, { lang: "es", value: "En el módem, existe una posible escritura fuera de los límites debido a un neutra. Esto podría provocar la ejecución remota de código, si un UE se ha conectado a una estación base no autorizada controlada por el atacante, sin necesidad de privilegios de ejecución adicionales. No se necesita la interacción del usuario para la explotación. ID de parche: MOLY01289384; ID de problema: MSV-2436.", }, ], id: "CVE-2025-20634", lastModified: "2025-03-18T14:15:41.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-02-03T04:15:08.423", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/February-2025", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@mediatek.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-02 03:15
Modified
2024-11-21 07:41
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*", matchCriteriaId: "BFEBC79B-E936-4499-8B2D-C6619C51B755", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*", matchCriteriaId: "975802CC-B130-4CF3-9B8E-A23DEA464259", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", matchCriteriaId: "46F71838-4E50-4F2A-9EB8-30AE5DF8511E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*", matchCriteriaId: "1B42CCA9-A835-4871-A129-B83573713AA9", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*", matchCriteriaId: "A7FBCBDD-5ADA-49A7-A152-61FB909EE5FF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", matchCriteriaId: "C82E144B-0BAD-47E1-A657-3A5880988FE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*", matchCriteriaId: "4E76B29F-007E-4445-B3F3-3FDC054FEB84", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6737m:-:*:*:*:*:*:*:*", matchCriteriaId: "8E3152A6-982E-415E-9F19-1CB2F6D11850", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6738:-:*:*:*:*:*:*:*", matchCriteriaId: "99735131-D437-40AA-9EDB-31DC61DD15DF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*", matchCriteriaId: "F51C9D91-A64F-446E-BC14-7C79B770C3A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*", matchCriteriaId: "12A1CB8F-3C1C-4374-8D46-23175D1174DE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*", matchCriteriaId: "22C2668D-7A14-42AA-A164-957FE78B9ABF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*", matchCriteriaId: "7362AED0-47F2-4D48-A292-89F717F0697E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*", matchCriteriaId: "47BE9434-12D6-4801-8B04-7F18AF58E717", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*", matchCriteriaId: "B4C27948-65A7-4B1E-9F10-6744D176A5C3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*", matchCriteriaId: "B15C285A-0A26-46F7-9D72-CCADC47D93B0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*", matchCriteriaId: "C387CFFD-BAE4-4626-8AC3-7C9CFB6819FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*", matchCriteriaId: "809FEAD7-F02B-48A9-B442-28B46C7806C6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*", matchCriteriaId: "CE7CC141-E2D6-4F28-B6F0-167E11869CD1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666a:-:*:*:*:*:*:*:*", matchCriteriaId: "CF649E18-4DA8-4724-A9B2-575BC01BFACC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766z:-:*:*:*:*:*:*:*", matchCriteriaId: "8F25CBBB-B600-4A54-8653-4C60CD125353", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768a:-:*:*:*:*:*:*:*", matchCriteriaId: "D039235C-D84C-4E9B-9D01-16A24E95FE79", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768b:-:*:*:*:*:*:*:*", matchCriteriaId: "4D99E26E-A551-428C-90FF-0F6CDE28C1A1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768t:-:*:*:*:*:*:*:*", matchCriteriaId: "21CA41B1-2BAF-43DE-AD79-396FA5125695", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768z:-:*:*:*:*:*:*:*", matchCriteriaId: "02B6E7E0-8BD2-4BA1-948F-3F5A95B989F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788t:-:*:*:*:*:*:*:*", matchCriteriaId: "0165F48B-B11A-4A8B-859B-083D239270FF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788x:-:*:*:*:*:*:*:*", matchCriteriaId: "F4DE760A-BF65-4917-B571-1382C6703271", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788z:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE75D73-582B-48BF-B38A-3F9626338C7D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.", }, { lang: "es", value: "En el CDMA PPP protocol, existe una posible escritura fuera de límites debido a una verificación de límites faltantes. Esto podría conducir a una escalada remota de privilegios sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01068234; ID del problema: ALPS08010003.", }, ], id: "CVE-2023-20819", lastModified: "2024-11-21T07:41:36.283", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-10-02T03:15:09.710", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/October-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/October-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-08 21:15
Modified
2024-11-21 06:53
Severity ?
Summary
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*", matchCriteriaId: "BCEE78CC-80F8-4C4F-92BA-378AAA85F087", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.", }, { lang: "es", value: "En Modem 4G RRC, existe una posible falla del sistema debido a una validación de entrada incorrecta. Esto podría provocar una Denegación de Servicio (DoS) remota al concatenar SIB12 incorrecto (mensaje CMAS), sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00867883; ID del problema: ALPS07274118.", }, ], id: "CVE-2022-26446", lastModified: "2024-11-21T06:53:57.873", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-08T21:15:11.423", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt8673 | - | |
| mediatek | mt8675 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8791 | - | |
| mediatek | mt8791t | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8797 | - | |
| mediatek | mt8798 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", matchCriteriaId: "152F6606-FA23-4530-AA07-419866B74CB3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", matchCriteriaId: "EE302F6F-170E-4350-A8F4-65BE0C50CB78", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB05B1D-77C9-4E42-91AD-9F087413DC20", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", matchCriteriaId: "336FC69E-E89F-4642-B6B9-8009D9A2BD52", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*", matchCriteriaId: "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", matchCriteriaId: "637CAAD2-DCC0-4F81-B781-5D0536844CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.", }, { lang: "es", value: "En el módem IMS SMS UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY00730807; ID del problema: MOLY00730807.", }, ], id: "CVE-2023-32886", lastModified: "2024-11-21T08:04:16.400", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-02T03:15:08.400", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01138453 (MSV-861).", }, ], id: "CVE-2023-32846", lastModified: "2024-11-21T08:04:10.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.613", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 04:15
Modified
2024-11-21 08:04
Severity ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt2737 | - | |
| mediatek | mt6297 | - | |
| mediatek | mt6298 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6815 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6875t | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", matchCriteriaId: "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EABFE5-4B6F-446C-9DE7-008D47C09ED7", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", matchCriteriaId: "B7122918-8C44-4F24-82E4-B8448247FC83", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", matchCriteriaId: "F883C6D3-1724-4553-9EFC-3D204FF3CAA3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).", }, { lang: "es", value: "En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. Esto podría provocar una denegación remota de servicio al recibir mensajes RRC con formato incorrecto, sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01128524; ID del problema: MOLY01130183 (MSV-850).", }, ], id: "CVE-2023-32844", lastModified: "2024-11-21T08:04:10.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T04:15:07.510", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:42
Severity ?
Summary
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*", matchCriteriaId: "BFEBC79B-E936-4499-8B2D-C6619C51B755", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*", matchCriteriaId: "32EA5EB6-EBC1-4660-9E03-616CDB25C417", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*", matchCriteriaId: "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*", matchCriteriaId: "387D7FC2-2146-4565-9B9B-D84EF686DBA5", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", matchCriteriaId: "6528FA05-C8B7-498B-93BE-0BEFED28C1FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", matchCriteriaId: "99B87E31-AC92-445B-94B8-33DBF72EC11C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*", matchCriteriaId: "BCEE78CC-80F8-4C4F-92BA-378AAA85F087", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", matchCriteriaId: "C82E144B-0BAD-47E1-A657-3A5880988FE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*", matchCriteriaId: "4E76B29F-007E-4445-B3F3-3FDC054FEB84", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*", matchCriteriaId: "F51C9D91-A64F-446E-BC14-7C79B770C3A0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*", matchCriteriaId: "12A1CB8F-3C1C-4374-8D46-23175D1174DE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*", matchCriteriaId: "47BE9434-12D6-4801-8B04-7F18AF58E717", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*", matchCriteriaId: "B4C27948-65A7-4B1E-9F10-6744D176A5C3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*", matchCriteriaId: "424A75C9-2A15-4B00-B0B7-703A4840CC1D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*", matchCriteriaId: "B15C285A-0A26-46F7-9D72-CCADC47D93B0", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", matchCriteriaId: "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", matchCriteriaId: "0002C537-4268-43CA-B349-BC14F1F0313C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", matchCriteriaId: "AE80B083-D5A3-418C-9655-C79C9DECB4C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", matchCriteriaId: "3367BA13-9C4D-4CCF-8E71-397F33CFF773", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", matchCriteriaId: "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1BE913-70AE-49FE-99E9-E996165DF79D", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*", matchCriteriaId: "C387CFFD-BAE4-4626-8AC3-7C9CFB6819FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*", matchCriteriaId: "CE7CC141-E2D6-4F28-B6F0-167E11869CD1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", matchCriteriaId: "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*", matchCriteriaId: "45A7A805-EFED-47B3-884C-158FF1EECAEC", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*", matchCriteriaId: "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*", matchCriteriaId: "0D09F23D-D023-4A60-B426-61251FDD8A5A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", matchCriteriaId: "533284E5-C3AF-48D3-A287-993099DB2E41", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.", }, { lang: "es", value: "En Modem 2G/3G CC, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una ejecución de código remota cuando es descodificada FACILITY combinada sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. ID del parche: MOLY00803883; ID de Incidencia: MOLY00803883", }, ], id: "CVE-2022-20083", lastModified: "2024-11-21T06:42:07.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-06T14:15:16.980", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2025-04-17 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).", }, { lang: "es", value: "En Modem IMS Stack, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. Esto podría conducir a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01161803; ID del problema: MOLY01161803 (MSV-893).", }, ], id: "CVE-2023-32874", lastModified: "2025-04-17T19:15:55.677", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-01-02T03:15:07.833", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-02 03:15
Modified
2024-11-21 08:04
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | lr13 | - | |
| mediatek | nr15 | - | |
| mediatek | nr16 | - | |
| mediatek | nr17 | - | |
| mediatek | mt2735 | - | |
| mediatek | mt6779 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6783 | - | |
| mediatek | mt6785 | - | |
| mediatek | mt6785t | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6813 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6833p | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6853t | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6873 | - | |
| mediatek | mt6875 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6877t | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6880 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6890 | - | |
| mediatek | mt6891 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6895t | - | |
| mediatek | mt6896 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6980 | - | |
| mediatek | mt6980d | - | |
| mediatek | mt6983t | - | |
| mediatek | mt6983w | - | |
| mediatek | mt6983z | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6985t | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*", matchCriteriaId: "12318A0A-16CD-48A5-98A4-373070734642", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*", matchCriteriaId: "E30A2D2E-6A72-4070-A471-EEE75F7D07F2", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*", matchCriteriaId: "2B763B71-F913-45B4-B91E-D7F0670C4315", vulnerable: true, }, { criteria: "cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8874B-DBF1-4A67-8ADF-4654AB56B6A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", matchCriteriaId: "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", matchCriteriaId: "F2C8F9C2-6471-4498-B089-2F40D2483487", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", matchCriteriaId: "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", matchCriteriaId: "66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", matchCriteriaId: "CB690F5A-9367-45D3-A53E-80BF60053630", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", matchCriteriaId: "19A63103-C708-48EC-B44D-5E465A6B79C5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", matchCriteriaId: "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA54AA1-4E3A-44F8-A222-31C60F8F81DA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", matchCriteriaId: "855A8046-34ED-4891-ACE5-76AB10AC8D53", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", matchCriteriaId: "68CF4A7A-3136-4C4C-A795-81323896BE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", matchCriteriaId: "AF3E2B84-DAFE-4E11-B23B-026F719475F5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", matchCriteriaId: "171D1C08-F055-44C0-913C-AA2B73AF5B72", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", matchCriteriaId: "A97CE1E0-7B77-49BA-8D92-9AF031CD18FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", matchCriteriaId: "33DEF766-EAF1-4E36-BB7C-43069B26507A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", matchCriteriaId: "2A7D8055-F4B6-41EE-A078-11D56285AB66", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", matchCriteriaId: "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", matchCriteriaId: "2758122C-4D11-4D34-9B72-3905F3A28448", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D6430E-840D-447F-892E-EA4FD7F69BAF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", matchCriteriaId: "F00B6513-EDB2-4303-9648-17ECD6DA2083", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8E0661-FCAB-48D7-A7F8-310F9BCF13A3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", matchCriteriaId: "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7DE6B2-66D9-4A3E-B15F-D56505559255", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", matchCriteriaId: "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).", }, { lang: "es", value: "En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: MOLY01183647; ID del problema: MOLY01183647 (MSV-963).", }, ], id: "CVE-2023-32890", lastModified: "2024-11-21T08:04:16.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-01-02T03:15:08.587", references: [ { source: "security@mediatek.com", url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
cve-2023-32840
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-09-05 15:06
Severity ?
EPSS score ?
Summary
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:44.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2731", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2735", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6731", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6739", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6761", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6762", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6763", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6767", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6771", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6771t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6771t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833p", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6880", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6890", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6891", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6893", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983w:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983w", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8667", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8675", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8781", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8786", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8789", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8797", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32840", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T15:06:09.151529Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-05T15:06:29.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, NR15, NR16, VMOLYN, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-06T03:50:57.414Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32840", datePublished: "2023-11-06T03:50:57.414Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-09-05T15:06:29.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20702
Vulnerability from cvelistv5
Published
2023-11-06 03:50
Modified
2024-09-05 15:17
Severity ?
EPSS score ?
Summary
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT6835, MT6873, MT6875, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6980, MT6983, MT6985, MT6990, MT8673, MT8675, MT8791, MT8791T, MT8797, MT8798 |
Version: Modem NR15, NR16, NR17 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:14:40.992Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8675", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8797", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-20702", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T15:16:26.867886Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-05T15:17:22.422Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT6835, MT6873, MT6875, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6980, MT6983, MT6985, MT6990, MT8673, MT8675, MT8791, MT8791T, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-06T03:50:51.533Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/November-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-20702", datePublished: "2023-11-06T03:50:51.533Z", dateReserved: "2022-10-28T02:03:10.759Z", dateUpdated: "2024-09-05T15:17:22.422Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32841
Vulnerability from cvelistv5
Published
2023-12-04 03:45
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:45:59.231Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32841", datePublished: "2023-12-04T03:45:59.231Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20819
Vulnerability from cvelistv5
Published
2023-10-02 02:05
Modified
2024-09-21 15:27
Severity ?
EPSS score ?
Summary
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:14:40.994Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/October-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2731", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6570", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6580", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6595", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6732", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6735", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6737", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6737m:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6737m", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6738:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6738", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6739", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6750", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6750s", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6752", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6753", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6755", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6757", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6758", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6761", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6762", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6762d", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6762m", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6763", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6765t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6767", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6771", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6775", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6779", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6781", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6783", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6785", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6785t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6789", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6795", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6797", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6799", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6891", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6893", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666a:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666a", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8667", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8675", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8765", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768a:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768a", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768b:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768b", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8781", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8786", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788x:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788x", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788z", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8791t", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8797", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-20819", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-21T15:26:25.287276Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-21T15:27:05.080Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2731, MT6570, MT6580, MT6595, MT6732, MT6735, MT6737, MT6737M, MT6738, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6795, MT6797, MT6799, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6983, MT6985, MT6989, MT8666, MT8666A, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8791, MT8791T, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR11, LR12A, LR13, NR15, NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-02T02:05:25.077Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/October-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-20819", datePublished: "2023-10-02T02:05:25.077Z", dateReserved: "2022-10-28T02:03:23.673Z", dateUpdated: "2024-09-21T15:27:05.080Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32888
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:03.942Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32888", datePublished: "2024-01-02T02:50:03.942Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32845
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-28 19:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:45.095Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2735", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2737", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6297", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6298", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6833", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6853", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6855", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6873", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6875t", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6877", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6880", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6883", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6885", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6886", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6889", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6890", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6891", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6893", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6985", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6989", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { status: "affected", version: "modem_nr15_nr16_nr17", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-32845", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T18:53:53.230062Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T19:32:20.281Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:04.973Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32845", datePublished: "2023-12-04T03:46:04.973Z", dateReserved: "2023-05-16T03:04:32.154Z", dateUpdated: "2024-08-28T19:32:20.281Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32886
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.466Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:00.224Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32886", datePublished: "2024-01-02T02:50:00.224Z", dateReserved: "2023-05-16T03:04:32.173Z", dateUpdated: "2024-08-02T15:32:46.466Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32846
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:06.378Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32846", datePublished: "2023-12-04T03:46:06.378Z", dateReserved: "2023-05-16T03:04:32.155Z", dateUpdated: "2024-08-02T15:32:46.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21744
Vulnerability from cvelistv5
Published
2022-07-06 13:05
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:35.802Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-06T13:05:13", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-21744", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797", version: { version_data: [ { version_value: "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/July-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-21744", datePublished: "2022-07-06T13:05:13", dateReserved: "2021-11-26T00:00:00", dateUpdated: "2024-08-03T02:53:35.802Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-20634
Vulnerability from cvelistv5
Published
2025-02-03 03:23
Modified
2025-03-18 13:36
Severity ?
EPSS score ?
Summary
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
References
Impacted products
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-20634", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T16:24:52.606649Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:36:09.562Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2737, MT6813, MT6835, MT6835T, MT6878, MT6878M, MT6879, MT6886, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8673, MT8676, MT8678, MT8795T, MT8798, MT8863", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17, NR17R", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-03T03:23:49.665Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/February-2025", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2025-20634", datePublished: "2025-02-03T03:23:49.665Z", dateReserved: "2024-11-01T01:21:50.362Z", dateUpdated: "2025-03-18T13:36:09.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26446
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/November-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT6297, MT6725, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A, \nLR13, \nNR15,\nNR16", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-08T00:00:00", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/November-2022", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-26446", datePublished: "2022-11-08T00:00:00", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.927Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32890
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788 |
Version: Modem LR12A |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt2731", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6767", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6768", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769t", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6769z", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8666", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8667", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8765", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8766", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8768", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8786", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8788", vendor: "mediatek", versions: [ { status: "affected", version: "Modem LR12A", }, { status: "affected", version: "LR13", }, { status: "affected", version: "NR15", }, { status: "affected", version: "NR16", }, { status: "affected", version: "NR17", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32890", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-03-04T20:40:04.105133Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:26:22.288Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR12A", }, ], }, ], descriptions: [ { lang: "en", value: "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-01T02:34:52.152Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/April-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32890", datePublished: "2024-01-02T02:50:07.545Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.533Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32844
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:03.547Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32844", datePublished: "2023-12-04T03:46:03.547Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.588Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20066
Vulnerability from cvelistv5
Published
2024-06-03 02:04
Modified
2025-03-27 15:50
Severity ?
EPSS score ?
Summary
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8792, MT8798 |
Version: Modem NR16, NR17 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:mediatek:mt6298:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6298", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6813", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6815", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6835", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6878", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6879", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6895t", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6896", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6897", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6899", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6980d", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6983", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6986d:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6986d", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6990", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt6991", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8673", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8792", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, { cpes: [ "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mt8798", vendor: "mediatek", versions: [ { status: "affected", version: "-", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-20066", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-27T20:28:28.850845Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-27T15:50:05.143Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:52:31.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT6298, MT6813, MT6815, MT6835, MT6878, MT6879, MT6895, MT6895T, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6986, MT6986D, MT6990, MT6991, MT8673, MT8792, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR16, NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-03T02:04:43.910Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/June-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2024-20066", datePublished: "2024-06-03T02:04:43.910Z", dateReserved: "2023-11-02T13:35:35.170Z", dateUpdated: "2025-03-27T15:50:05.143Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32842
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:44.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:00.658Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32842", datePublished: "2023-12-04T03:46:00.658Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:44.816Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20083
Vulnerability from cvelistv5
Published
2022-07-06 13:05
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.
References
| ▼ | URL | Tags |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:02:30.449Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-06T13:05:39", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-20083", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797", version: { version_data: [ { version_value: "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/July-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-20083", datePublished: "2022-07-06T13:05:39", dateReserved: "2021-10-12T00:00:00", dateUpdated: "2024-08-03T02:02:30.449Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32887
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.752Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:02.182Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32887", datePublished: "2024-01-02T02:50:02.182Z", dateReserved: "2023-05-16T03:04:32.174Z", dateUpdated: "2024-08-02T15:32:46.752Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32891
Vulnerability from cvelistv5
Published
2024-01-02 02:50
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.477Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2713, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8173, MT8175, MT8188, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8786, MT8797, MT8798", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 12.0, 13.0", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:50:11.129Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32891", datePublished: "2024-01-02T02:50:11.129Z", dateReserved: "2023-05-16T03:04:32.175Z", dateUpdated: "2024-08-02T15:32:46.477Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32874
Vulnerability from cvelistv5
Published
2024-01-02 02:49
Modified
2025-04-17 18:53
Severity ?
EPSS score ?
Summary
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.706Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32874", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-01-09T05:00:41.266721Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-17T18:53:25.930Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MT2735, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem LR13 NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-02T02:49:38.153Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/January-2024", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32874", datePublished: "2024-01-02T02:49:38.153Z", dateReserved: "2023-05-16T03:04:32.171Z", dateUpdated: "2025-04-17T18:53:25.930Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32843
Vulnerability from cvelistv5
Published
2023-12-04 03:46
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Modem NR15, NR16, and NR17", }, ], }, ], descriptions: [ { lang: "en", value: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T03:46:02.107Z", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { url: "https://corp.mediatek.com/product-security-bulletin/December-2023", }, ], }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2023-32843", datePublished: "2023-12-04T03:46:02.107Z", dateReserved: "2023-05-16T03:04:32.153Z", dateUpdated: "2024-08-02T15:32:46.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202312-0020
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0020", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32843", }, ], }, cve: "CVE-2023-32843", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32843", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32843", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32843", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)", sources: [ { db: "NVD", id: "CVE-2023-32843", }, { db: "VULMON", id: "CVE-2023-32843", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32843", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32843", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32843", }, { db: "NVD", id: "CVE-2023-32843", }, ], }, id: "VAR-202312-0020", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T15:00:00.087000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32843", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32843", }, { db: "NVD", id: "CVE-2023-32843", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32843", }, { db: "NVD", id: "CVE-2023-32843", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32843", }, { date: "2023-12-04T04:15:07.463000", db: "NVD", id: "CVE-2023-32843", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32843", }, { date: "2023-12-07T17:33:58.747000", db: "NVD", id: "CVE-2023-32843", }, ], }, }
var-202401-1280
Vulnerability from variot
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. Google of Android Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1280", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "android", scope: "eq", trust: 1, vendor: "google", version: "12.0", }, { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "android", scope: "eq", trust: 1, vendor: "google", version: "11.0", }, { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "android", scope: "eq", trust: 1, vendor: "google", version: "13.0", }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "android", scope: null, trust: 0.8, vendor: "google", version: null, }, { model: "lr13", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, cve: "CVE-2023-32891", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2023-32891", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 6.7, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-32891", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32891", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-32891", trust: 0.8, value: "Medium", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. Google of Android Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32891", }, { db: "JVNDB", id: "JVNDB-2023-024181", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32891", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024181", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, id: "VAR-202401-1280", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3333333266666667, }, last_update_date: "2024-08-14T14:54:18.608000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32891", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, { db: "NVD", id: "CVE-2023-32891", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024181", }, { date: "2024-01-02T03:15:08.633000", db: "NVD", id: "CVE-2023-32891", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:17:00", db: "JVNDB", id: "JVNDB-2023-024181", }, { date: "2024-01-05T12:13:46.007000", db: "NVD", id: "CVE-2023-32891", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Google of Android Out-of-bounds write vulnerability in products from multiple vendors such as", sources: [ { db: "JVNDB", id: "JVNDB-2023-024181", }, ], trust: 0.8, }, }
var-202312-0055
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0055", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32846", }, ], }, cve: "CVE-2023-32846", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32846", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32846", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32846", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)", sources: [ { db: "NVD", id: "CVE-2023-32846", }, { db: "VULMON", id: "CVE-2023-32846", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32846", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32846", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32846", }, { db: "NVD", id: "CVE-2023-32846", }, ], }, id: "VAR-202312-0055", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T14:23:43.518000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32846", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32846", }, { db: "NVD", id: "CVE-2023-32846", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32846", }, { db: "NVD", id: "CVE-2023-32846", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32846", }, { date: "2023-12-04T04:15:07.613000", db: "NVD", id: "CVE-2023-32846", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32846", }, { date: "2023-12-07T17:33:33.673000", db: "NVD", id: "CVE-2023-32846", }, ], }, }
var-202312-0073
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0073", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32844", }, ], }, cve: "CVE-2023-32844", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32844", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32844", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32844", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)", sources: [ { db: "NVD", id: "CVE-2023-32844", }, { db: "VULMON", id: "CVE-2023-32844", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32844", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32844", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32844", }, { db: "NVD", id: "CVE-2023-32844", }, ], }, id: "VAR-202312-0073", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T13:41:23.114000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32844", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32844", }, { db: "NVD", id: "CVE-2023-32844", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32844", }, { db: "NVD", id: "CVE-2023-32844", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32844", }, { date: "2023-12-04T04:15:07.510000", db: "NVD", id: "CVE-2023-32844", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32844", }, { date: "2023-12-07T17:33:50.607000", db: "NVD", id: "CVE-2023-32844", }, ], }, }
var-202207-0316
Vulnerability from variot
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883. MediaTek Inc. is the world's fourth-largest foundry semiconductor company. It is in a leading position in the market of mobile terminals, smart home applications, wireless connection technology and Internet of Things products, with about 1.5 billion units a year End products with built-in MediaTek chips are available all over the world. Attackers can use this vulnerability to execute remote code
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0316", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr9", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr11", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12a", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "mt2731 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, { db: "NVD", id: "CVE-2022-20083", }, ], }, cve: "CVE-2022-20083", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2022-20083", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2022-85337", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2022-20083", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-20083", trust: 1, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2022-85337", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202207-480", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2022-20083", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, { db: "VULMON", id: "CVE-2022-20083", }, { db: "CNNVD", id: "CNNVD-202207-480", }, { db: "NVD", id: "CVE-2022-20083", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883. MediaTek Inc. is the world's fourth-largest foundry semiconductor company. It is in a leading position in the market of mobile terminals, smart home applications, wireless connection technology and Internet of Things products, with about 1.5 billion units a year End products with built-in MediaTek chips are available all over the world. Attackers can use this vulnerability to execute remote code", sources: [ { db: "NVD", id: "CVE-2022-20083", }, { db: "CNVD", id: "CNVD-2022-85337", }, { db: "VULMON", id: "CVE-2022-20083", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-20083", trust: 2.3, }, { db: "CNVD", id: "CNVD-2022-85337", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.3342", trust: 0.6, }, { db: "CS-HELP", id: "SB2022070825", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202207-480", trust: 0.6, }, { db: "VULMON", id: "CVE-2022-20083", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, { db: "VULMON", id: "CVE-2022-20083", }, { db: "CNNVD", id: "CNNVD-202207-480", }, { db: "NVD", id: "CVE-2022-20083", }, ], }, id: "VAR-202207-0316", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, ], trust: 1.5898088022077919, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, ], }, last_update_date: "2024-08-14T13:12:04.748000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Google Android Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=200007", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202207-480", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2022-20083", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://corp.mediatek.com/product-security-bulletin/july-2022", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-july-2022-38750", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-20083/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.3342", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022070825", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-07-01", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, { db: "VULMON", id: "CVE-2022-20083", }, { db: "CNNVD", id: "CNNVD-202207-480", }, { db: "NVD", id: "CVE-2022-20083", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2022-85337", }, { db: "VULMON", id: "CVE-2022-20083", }, { db: "CNNVD", id: "CNNVD-202207-480", }, { db: "NVD", id: "CVE-2022-20083", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-09-29T00:00:00", db: "CNVD", id: "CNVD-2022-85337", }, { date: "2022-07-06T00:00:00", db: "VULMON", id: "CVE-2022-20083", }, { date: "2022-07-06T00:00:00", db: "CNNVD", id: "CNNVD-202207-480", }, { date: "2022-07-06T14:15:16.980000", db: "NVD", id: "CVE-2022-20083", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-12-06T00:00:00", db: "CNVD", id: "CNVD-2022-85337", }, { date: "2022-07-14T00:00:00", db: "VULMON", id: "CVE-2022-20083", }, { date: "2022-07-15T00:00:00", db: "CNNVD", id: "CNNVD-202207-480", }, { date: "2022-07-14T01:28:52.117000", db: "NVD", id: "CVE-2022-20083", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202207-480", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple MediaTek Chip Modem 2G/3G CC Out-of-Boundary Write Vulnerabilities", sources: [ { db: "CNVD", id: "CNVD-2022-85337", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202207-480", }, ], trust: 0.6, }, }
var-202401-1212
Vulnerability from variot
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). media tech's NR15 , nr16 , NR17 contains a buffer error vulnerability and an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1212", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, cve: "CVE-2023-32887", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32887", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-32887", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32887", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2023-32887", trust: 0.8, value: "High", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). media tech's NR15 , nr16 , NR17 contains a buffer error vulnerability and an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32887", }, { db: "JVNDB", id: "JVNDB-2023-024211", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32887", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024211", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, id: "VAR-202401-1212", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T13:41:15.182000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1, }, { problemtype: "CWE-787", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: " Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32887", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, { db: "NVD", id: "CVE-2023-32887", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024211", }, { date: "2024-01-02T03:15:08.450000", db: "NVD", id: "CVE-2023-32887", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:35:00", db: "JVNDB", id: "JVNDB-2023-024211", }, { date: "2024-01-05T12:13:33.227000", db: "NVD", id: "CVE-2023-32887", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-024211", }, ], trust: 0.8, }, }
var-202312-0146
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0146", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32842", }, ], }, cve: "CVE-2023-32842", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32842", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32842", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32842", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)", sources: [ { db: "NVD", id: "CVE-2023-32842", }, { db: "VULMON", id: "CVE-2023-32842", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32842", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32842", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32842", }, { db: "NVD", id: "CVE-2023-32842", }, ], }, id: "VAR-202312-0146", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T14:59:59.980000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32842", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32842", }, { db: "NVD", id: "CVE-2023-32842", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32842", }, { db: "NVD", id: "CVE-2023-32842", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32842", }, { date: "2023-12-04T04:15:07.417000", db: "NVD", id: "CVE-2023-32842", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32842", }, { date: "2023-12-07T17:34:17.030000", db: "NVD", id: "CVE-2023-32842", }, ], }, }
var-202312-0152
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0152", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32841", }, ], }, cve: "CVE-2023-32841", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32841", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32841", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32841", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)", sources: [ { db: "NVD", id: "CVE-2023-32841", }, { db: "VULMON", id: "CVE-2023-32841", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32841", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32841", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32841", }, { db: "NVD", id: "CVE-2023-32841", }, ], }, id: "VAR-202312-0152", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T15:10:29.032000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32841", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32841", }, { db: "NVD", id: "CVE-2023-32841", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32841", }, { db: "NVD", id: "CVE-2023-32841", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32841", }, { date: "2023-12-04T04:15:07.347000", db: "NVD", id: "CVE-2023-32841", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32841", }, { date: "2023-12-07T17:34:09.690000", db: "NVD", id: "CVE-2023-32841", }, ], }, }
var-202401-1328
Vulnerability from variot
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893). LR13 , NR15 , nr16 A number of MediaTek products, including the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1328", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr13", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, cve: "CVE-2023-32874", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2023-32874", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-32874", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32874", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2023-32874", trust: 0.8, value: "Critical", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893). LR13 , NR15 , nr16 A number of MediaTek products, including the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32874", }, { db: "JVNDB", id: "JVNDB-2023-024217", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32874", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024217", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, id: "VAR-202401-1328", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3333333266666667, }, last_update_date: "2024-08-14T13:19:29.606000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32874", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, { db: "NVD", id: "CVE-2023-32874", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024217", }, { date: "2024-01-02T03:15:07.833000", db: "NVD", id: "CVE-2023-32874", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:37:00", db: "JVNDB", id: "JVNDB-2023-024217", }, { date: "2024-01-05T12:11:38.880000", db: "NVD", id: "CVE-2023-32874", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-024217", }, ], trust: 0.8, }, }
var-202207-0281
Vulnerability from variot
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626. MediaTek Inc. is the world's fourth largest fab semiconductor company, with a leading position in mobile terminals, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units a year End products with built-in MediaTek chips are available worldwide. Attackers can use this vulnerability to perform remote code execution
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0281", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr9", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr11", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12a", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "mt2731 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2731 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt2735 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6297 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6725 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6735 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6737 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6739 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6750s nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6755 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6757p nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6758 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6761 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762d nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6762m nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6763 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6765t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6767 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6768 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6769z nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6771 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6775 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6779 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6781 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6783 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6785t nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6789 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6797 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6799 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6833 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6853 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6855 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6873 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6875 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6877 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6879 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6880 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6883 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6885 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6889 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6890 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6891 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6893 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6895 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt6983 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8666 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8667 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8675 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735a nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8735b nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8765 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8766 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8768 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8771 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8781 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8786 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8788 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8789 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8791 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr9", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr11", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr12", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr12a", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 lr13", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 nr15", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, { model: "mt8797 nr16", scope: null, trust: 0.6, vendor: "mediatek", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "NVD", id: "CVE-2022-21744", }, ], }, cve: "CVE-2022-21744", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2022-21744", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2022-66250", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2022-21744", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-21744", trust: 1, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2022-66250", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202207-478", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2022-21744", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "VULMON", id: "CVE-2022-21744", }, { db: "CNNVD", id: "CNNVD-202207-478", }, { db: "NVD", id: "CVE-2022-21744", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626. MediaTek Inc. is the world's fourth largest fab semiconductor company, with a leading position in mobile terminals, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units a year End products with built-in MediaTek chips are available worldwide. Attackers can use this vulnerability to perform remote code execution", sources: [ { db: "NVD", id: "CVE-2022-21744", }, { db: "CNVD", id: "CNVD-2022-66250", }, { db: "VULMON", id: "CVE-2022-21744", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-21744", trust: 2.3, }, { db: "CNVD", id: "CNVD-2022-66250", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.3342", trust: 0.6, }, { db: "CS-HELP", id: "SB2022070825", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202207-478", trust: 0.6, }, { db: "VULMON", id: "CVE-2022-21744", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "VULMON", id: "CVE-2022-21744", }, { db: "CNNVD", id: "CNNVD-202207-478", }, { db: "NVD", id: "CVE-2022-21744", }, ], }, id: "VAR-202207-0281", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, ], trust: 1.5898088022077919, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, ], }, last_update_date: "2024-08-14T12:14:53.956000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Several MediaTek chips Modem 2G RR have out-of-bounds write vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/353611", }, { title: "Google Android Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=200005", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "CNNVD", id: "CNNVD-202207-478", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2022-21744", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://corp.mediatek.com/product-security-bulletin/july-2022", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-july-2022-38750", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-21744/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.3342", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022070825", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-07-01", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "VULMON", id: "CVE-2022-21744", }, { db: "CNNVD", id: "CNNVD-202207-478", }, { db: "NVD", id: "CVE-2022-21744", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2022-66250", }, { db: "VULMON", id: "CVE-2022-21744", }, { db: "CNNVD", id: "CNNVD-202207-478", }, { db: "NVD", id: "CVE-2022-21744", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-09-29T00:00:00", db: "CNVD", id: "CNVD-2022-66250", }, { date: "2022-07-06T00:00:00", db: "VULMON", id: "CVE-2022-21744", }, { date: "2022-07-06T00:00:00", db: "CNNVD", id: "CNNVD-202207-478", }, { date: "2022-07-06T14:15:17.027000", db: "NVD", id: "CVE-2022-21744", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-09-28T00:00:00", db: "CNVD", id: "CNVD-2022-66250", }, { date: "2022-07-14T00:00:00", db: "VULMON", id: "CVE-2022-21744", }, { date: "2022-07-15T00:00:00", db: "CNNVD", id: "CNNVD-202207-478", }, { date: "2022-07-14T01:26:43.237000", db: "NVD", id: "CVE-2022-21744", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202207-478", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Several MediaTek chips Modem 2G RR have out-of-bounds write vulnerability", sources: [ { db: "CNVD", id: "CNVD-2022-66250", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202207-478", }, ], trust: 0.6, }, }
var-202311-0339
Vulnerability from variot
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202311-0339", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12a", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32840", }, ], }, cve: "CVE-2023-32840", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.6, id: "CVE-2023-32840", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.5, id: "CVE-2023-32840", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32840", trust: 1, value: "MEDIUM", }, { author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", id: "CVE-2023-32840", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32840", }, { db: "NVD", id: "CVE-2023-32840", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862)", sources: [ { db: "NVD", id: "CVE-2023-32840", }, { db: "VULMON", id: "CVE-2023-32840", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32840", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32840", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32840", }, { db: "NVD", id: "CVE-2023-32840", }, ], }, id: "VAR-202311-0339", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3333333266666667, }, last_update_date: "2024-09-05T23:13:49.490000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32840", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/november-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32840", }, { db: "NVD", id: "CVE-2023-32840", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32840", }, { db: "NVD", id: "CVE-2023-32840", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-06T00:00:00", db: "VULMON", id: "CVE-2023-32840", }, { date: "2023-11-06T04:15:08.097000", db: "NVD", id: "CVE-2023-32840", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-06T00:00:00", db: "VULMON", id: "CVE-2023-32840", }, { date: "2024-09-05T15:35:07.837000", db: "NVD", id: "CVE-2023-32840", }, ], }, }
var-202401-1234
Vulnerability from variot
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). media tech's NR15 , nr16 , NR17 Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1234", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, cve: "CVE-2023-32888", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32888", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-32888", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32888", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2023-32888", trust: 0.8, value: "High", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). media tech's NR15 , nr16 , NR17 Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32888", }, { db: "JVNDB", id: "JVNDB-2023-024212", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32888", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024212", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, id: "VAR-202401-1234", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T15:26:13.763000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32888", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, { db: "NVD", id: "CVE-2023-32888", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024212", }, { date: "2024-01-02T03:15:08.493000", db: "NVD", id: "CVE-2023-32888", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:35:00", db: "JVNDB", id: "JVNDB-2023-024212", }, { date: "2024-01-05T12:13:38.553000", db: "NVD", id: "CVE-2023-32888", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-024212", }, ], trust: 0.8, }, }
var-202311-0169
Vulnerability from variot
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202311-0169", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-20702", }, ], }, cve: "CVE-2023-20702", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-20702", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20702", trust: 1, value: "HIGH", }, { author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", id: "CVE-2023-20702", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-20702", }, { db: "NVD", id: "CVE-2023-20702", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895", sources: [ { db: "NVD", id: "CVE-2023-20702", }, { db: "VULMON", id: "CVE-2023-20702", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20702", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-20702", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20702", }, { db: "NVD", id: "CVE-2023-20702", }, ], }, id: "VAR-202311-0169", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-09-05T23:10:50.714000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-20702", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/november-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20702", }, { db: "NVD", id: "CVE-2023-20702", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20702", }, { db: "NVD", id: "CVE-2023-20702", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-06T00:00:00", db: "VULMON", id: "CVE-2023-20702", }, { date: "2023-11-06T04:15:07.653000", db: "NVD", id: "CVE-2023-20702", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-06T00:00:00", db: "VULMON", id: "CVE-2023-20702", }, { date: "2024-09-05T16:35:02.980000", db: "NVD", id: "CVE-2023-20702", }, ], }, }
var-202401-1179
Vulnerability from variot
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. media tech's NR15 , nr16 , NR17 Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1179", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, cve: "CVE-2023-32886", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32886", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-32886", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32886", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2023-32886", trust: 0.8, value: "High", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. media tech's NR15 , nr16 , NR17 Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32886", }, { db: "JVNDB", id: "JVNDB-2023-024210", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32886", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024210", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, id: "VAR-202401-1179", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T14:01:23.385000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32886", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, { db: "NVD", id: "CVE-2023-32886", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024210", }, { date: "2024-01-02T03:15:08.400000", db: "NVD", id: "CVE-2023-32886", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:35:00", db: "JVNDB", id: "JVNDB-2023-024210", }, { date: "2024-01-05T12:13:26.847000", db: "NVD", id: "CVE-2023-32886", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-024210", }, ], trust: 0.8, }, }
var-202211-0490
Vulnerability from variot
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118. LR12A , LR13 , NR15 A reachable assertion vulnerability exists in several MediaTek products.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202211-0490", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lr12a", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr12a", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr13", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, cve: "CVE-2022-26446", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2022-26446", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2022-26446", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-26446", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2022-26446", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202211-2385", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "CNNVD", id: "CNNVD-202211-2385", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118. LR12A , LR13 , NR15 A reachable assertion vulnerability exists in several MediaTek products.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2022-26446", }, { db: "JVNDB", id: "JVNDB-2022-020614", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-26446", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2022-020614", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202211-2385", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "CNNVD", id: "CNNVD-202211-2385", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, id: "VAR-202211-0490", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.32291666, }, last_update_date: "2024-08-14T14:43:39.548000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "MediaTek Fixes for chip security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=213789", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202211-2385", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, { problemtype: "Reachable assertions (CWE-617) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://corp.mediatek.com/product-security-bulletin/november-2022", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26446", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-26446/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "CNNVD", id: "CNNVD-202211-2385", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, { db: "CNNVD", id: "CNNVD-202211-2385", }, { db: "NVD", id: "CVE-2022-26446", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-02T00:00:00", db: "JVNDB", id: "JVNDB-2022-020614", }, { date: "2022-11-08T00:00:00", db: "CNNVD", id: "CNNVD-202211-2385", }, { date: "2022-11-08T21:15:11.423000", db: "NVD", id: "CVE-2022-26446", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-02T08:06:00", db: "JVNDB", id: "JVNDB-2022-020614", }, { date: "2022-11-10T00:00:00", db: "CNNVD", id: "CNNVD-202211-2385", }, { date: "2022-11-09T18:05:02.790000", db: "NVD", id: "CVE-2022-26446", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202211-2385", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Reachable assertion vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2022-020614", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202211-2385", }, ], trust: 0.6, }, }
var-202308-3352
Vulnerability from variot
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. LR11 , LR12A , LR13 A number of MediaTek products, including the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202308-3352", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12a", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr11", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr12a", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr11", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr13", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, cve: "CVE-2023-20819", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2023-20819", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2023-20819", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-20819", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20819", trust: 1, value: "CRITICAL", }, { author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", id: "CVE-2023-20819", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20819", trust: 0.8, value: "Critical", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. LR11 , LR12A , LR13 A number of MediaTek products, including the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-20819", }, { db: "JVNDB", id: "JVNDB-2023-013538", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20819", trust: 2.7, }, { db: "JVNDB", id: "JVNDB-2023-013538", trust: 0.8, }, { db: "VULMON", id: "CVE-2023-20819", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20819", }, { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, id: "VAR-202308-3352", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.31666666, }, last_update_date: "2024-09-22T23:17:41.982000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "", trust: 0.1, url: "https://github.com/N3vv/N3vv ", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20819", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://corp.mediatek.com/product-security-bulletin/october-2023", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20819", }, { trust: 0.1, url: "https://github.com/n3vv/n3vv", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20819", }, { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20819", }, { db: "JVNDB", id: "JVNDB-2023-013538", }, { db: "NVD", id: "CVE-2023-20819", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-21T00:00:00", db: "JVNDB", id: "JVNDB-2023-013538", }, { date: "2023-10-02T03:15:09.710000", db: "NVD", id: "CVE-2023-20819", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-21T03:07:00", db: "JVNDB", id: "JVNDB-2023-013538", }, { date: "2024-09-21T16:35:01.573000", db: "NVD", id: "CVE-2023-20819", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-013538", }, ], trust: 0.8, }, }
var-202401-1198
Vulnerability from variot
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). LR13 , NR15 , nr16 A number of MediaTek products, including the following, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1198", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "lr13", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr15", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr17", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "nr16", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, { model: "lr13", scope: null, trust: 0.8, vendor: "メディアテック", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, cve: "CVE-2023-32890", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32890", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.2, id: "CVE-2023-32890", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-32890", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32890", trust: 1, value: "HIGH", }, { author: "134c704f-9b21-4f2e-91b3-4a467353bcc0", id: "CVE-2023-32890", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-32890", trust: 0.8, value: "High", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). LR13 , NR15 , nr16 A number of MediaTek products, including the following, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-32890", }, { db: "JVNDB", id: "JVNDB-2023-024180", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32890", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2023-024180", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, id: "VAR-202401-1198", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3333333266666667, }, last_update_date: "2024-08-14T15:31:40.106000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, { problemtype: "Inappropriate input confirmation (CWE-20) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1, url: "https://corp.mediatek.com/product-security-bulletin/april-2024", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32890", }, { trust: 0.8, url: "https://corp.mediatek.com/product-security-bulletin/january-2024", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, { db: "NVD", id: "CVE-2023-32890", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "JVNDB", id: "JVNDB-2023-024180", }, { date: "2024-01-02T03:15:08.587000", db: "NVD", id: "CVE-2023-32890", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T01:17:00", db: "JVNDB", id: "JVNDB-2023-024180", }, { date: "2024-07-03T01:40:05.030000", db: "NVD", id: "CVE-2023-32890", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation vulnerability in multiple MediaTek products", sources: [ { db: "JVNDB", id: "JVNDB-2023-024180", }, ], trust: 0.8, }, }
var-202312-0171
Vulnerability from variot
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0171", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nr15", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr17", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, { model: "nr16", scope: "eq", trust: 1, vendor: "mediatek", version: null, }, ], sources: [ { db: "NVD", id: "CVE-2023-32845", }, ], }, cve: "CVE-2023-32845", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2023-32845", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32845", trust: 1, value: "HIGH", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-32845", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)", sources: [ { db: "NVD", id: "CVE-2023-32845", }, { db: "VULMON", id: "CVE-2023-32845", }, ], trust: 0.99, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32845", trust: 1.1, }, { db: "VULMON", id: "CVE-2023-32845", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-32845", }, { db: "NVD", id: "CVE-2023-32845", }, ], }, id: "VAR-202312-0171", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.35416666, }, last_update_date: "2024-08-14T14:36:30.908000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-617", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32845", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "https://corp.mediatek.com/product-security-bulletin/december-2023", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-32845", }, { db: "NVD", id: "CVE-2023-32845", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-32845", }, { db: "NVD", id: "CVE-2023-32845", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32845", }, { date: "2023-12-04T04:15:07.567000", db: "NVD", id: "CVE-2023-32845", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-04T00:00:00", db: "VULMON", id: "CVE-2023-32845", }, { date: "2023-12-07T17:33:36.227000", db: "NVD", id: "CVE-2023-32845", }, ], }, }