fkie_cve-2023-32830
Vulnerability from fkie_nvd
Published
2023-10-02 03:15
Modified
2024-11-21 08:04
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/October-2023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://corp.mediatek.com/product-security-bulletin/October-2023Vendor Advisory
Impacted products
Vendor Product Version
google android 10.0
google android 11.0
mediatek mt5527 -
mediatek mt5583 -
mediatek mt5598 -
mediatek mt5599 -
mediatek mt5670 -
mediatek mt5680 -
mediatek mt5691 -
mediatek mt5695 -
mediatek mt5806 -
mediatek mt5813 -
mediatek mt5815 -
mediatek mt5816 -
mediatek mt5833 -
mediatek mt5835 -
mediatek mt5895 -
mediatek mt9010 -
mediatek mt9011 -
mediatek mt9012 -
mediatek mt9016 -
mediatek mt9020 -
mediatek mt9021 -
mediatek mt9022 -
mediatek mt9215 -
mediatek mt9216 -
mediatek mt9221 -
mediatek mt9222 -
mediatek mt9255 -
mediatek mt9256 -
mediatek mt9266 -
mediatek mt9269 -
mediatek mt9285 -
mediatek mt9286 -
mediatek mt9600 -
mediatek mt9602 -
mediatek mt9610 -
mediatek mt9612 -
mediatek mt9613 -
mediatek mt9615 -
mediatek mt9617 -
mediatek mt9629 -
mediatek mt9630 -
mediatek mt9631 -
mediatek mt9632 -
mediatek mt9633 -
mediatek mt9636 -
mediatek mt9638 -
mediatek mt9639 -
mediatek mt9649 -
mediatek mt9650 -
mediatek mt9652 -
mediatek mt9653 -
mediatek mt9660 -
mediatek mt9666 -
mediatek mt9667 -
mediatek mt9669 -
mediatek mt9670 -
mediatek mt9671 -
mediatek mt9675 -
mediatek mt9679 -
mediatek mt9685 -
mediatek mt9686 -
mediatek mt9688 -
mediatek mt9900 -
mediatek mt9901 -
mediatek mt9931 -
mediatek mt9950 -
mediatek mt9969 -
mediatek mt9970 -
mediatek mt9980 -
mediatek mt9981 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C394724-3294-4953-85C8-EE3894B5092C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59206E9-31C7-40A4-86EF-1D12EA2C5CDC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5680:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07AEB6AF-2644-4560-9C11-C608C1AD9F66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BD96BE-10BC-4C7E-8A48-C7CB08A61765",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A56009-090B-4101-B000-224412058654",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5806:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2587EAA-29E0-4123-9855-CA726B8014C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5813:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87A1085-222A-4135-9DB5-EB1AB0452561",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5815:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B4D227C-8387-441E-B085-E933FFB69AE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5816:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68EA99F-5323-4167-9DF9-D677BCA37A22",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5833:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9237902-24AE-4127-AC96-5982BD37ECC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5835:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B93DFF-3D39-42DD-B6EB-3E3172F25A93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt5895:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B2216B-3B20-4DFC-BB2A-7DDD060E5C40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFB4E04-7BC0-4B48-ABD7-6971E4725895",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAAF66C-9C81-498B-A0C0-3295CB7324A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ED16A-35A5-4F54-A01F-6EADE58E5530",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9215:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "726E51E6-E765-4973-A0D2-5CC746CACFB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B45803F-1AD2-47C8-BB9B-276628A0D605",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B250A0A-BE50-45B6-AD72-8EA876F64DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C5A33A-7B04-4E14-A268-A717CD2420DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C42802-293E-448B-A059-DFDEF1D97EC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F19E7E64-721E-436B-B879-D1EDE5EFF84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1567AAB0-8C08-4A7C-A5D3-4F057C7F6871",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49ED757E-42DD-4176-B216-915EFD8E2F40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA3286D-A136-4EB2-A181-6EF8A556EFDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E92602E3-1B1B-4683-801D-D151919C63EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF44498-001B-4A51-AB32-EBC206B14741",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2E6E130-9F65-482B-AF8B-97DA81FCE19E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE404F4-FFAE-4646-9234-15230F0577F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CF26725-1701-40F4-83E9-1A4709B60763",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB80E351-B6E5-4571-A603-04A3A6AFB8CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7AC916-FF8D-430D-837C-0587056198AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F5F738-459C-4316-80AF-1B9C33E0F36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4A720E3-FF7F-4607-998D-EBD23F38A2DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F433EC9-C9F5-40D4-9EBB-219295EC1978",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9969:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B14AF01-D1D9-483B-9D10-2697A08FFA8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522."
    },
    {
      "lang": "es",
      "value": "En TVAPI, existe una posible escritura fuera de l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: DTV03802522; ID del problema: DTV03802522."
    }
  ],
  "id": "CVE-2023-32830",
  "lastModified": "2024-11-21T08:04:08.193",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-10-02T03:15:10.233",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/October-2023"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.