CVSS: 6.7EPSS: 0%CPEs: 15EXPL: 0CVE-2023-20744
https://notcve.org/view.php?id=CVE-2023-20744
In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519200. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 15EXPL: 0CVE-2023-20743
https://notcve.org/view.php?id=CVE-2023-20743
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519142. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-667: Improper Locking •
CVSS: 6.7EPSS: 0%CPEs: 39EXPL: 0CVE-2023-20740
https://notcve.org/view.php?id=CVE-2023-20740
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 43EXPL: 0CVE-2023-20728
https://notcve.org/view.php?id=CVE-2023-20728
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20696
https://notcve.org/view.php?id=CVE-2023-20696
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only). • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-787: Out-of-bounds Write •