CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2023-20824
https://notcve.org/view.php?id=CVE-2023-20824
04 Sep 2023 — In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402. En duraspeed, existe una posible divulgación de información debido a la falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-862: Missing Authorization •
CVSS: 4.4EPSS: 0%CPEs: 22EXPL: 0CVE-2023-20823
https://notcve.org/view.php?id=CVE-2023-20823
04 Sep 2023 — In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592. En cmdq, existe una posible lectura fuera de límites debido a una comprobación de estado incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20821
https://notcve.org/view.php?id=CVE-2023-20821
04 Sep 2023 — In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113. En nvram, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20802
https://notcve.org/view.php?id=CVE-2023-20802
07 Aug 2023 — In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20801
https://notcve.org/view.php?id=CVE-2023-20801
07 Aug 2023 — In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968. In imgsys, there is a possible use after free due to a race condition. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20800
https://notcve.org/view.php?id=CVE-2023-20800
07 Aug 2023 — In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-863: Incorrect Authorization •
CVSS: 4.4EPSS: 0%CPEs: 31EXPL: 0CVE-2023-20796
https://notcve.org/view.php?id=CVE-2023-20796
07 Aug 2023 — In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20795
https://notcve.org/view.php?id=CVE-2023-20795
07 Aug 2023 — In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 71EXPL: 0CVE-2023-20790
https://notcve.org/view.php?id=CVE-2023-20790
07 Aug 2023 — In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2023-20785
https://notcve.org/view.php?id=CVE-2023-20785
07 Aug 2023 — In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •