CVSS: 4.4EPSS: 0%CPEs: 22EXPL: 0CVE-2023-20823
https://notcve.org/view.php?id=CVE-2023-20823
In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592. En cmdq, existe una posible lectura fuera de límites debido a una comprobación de estado incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 15EXPL: 0CVE-2023-20822
https://notcve.org/view.php?id=CVE-2023-20822
In netdagent, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944012; Issue ID: ALPS07944012. En netdagent, existe una posible divulgación de información debido a una comprobación de límites omitida. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20821
https://notcve.org/view.php?id=CVE-2023-20821
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113. En nvram, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33915
https://notcve.org/view.php?id=CVE-2023-33915
In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed En LTE protocol stack, es posible que falte una comprobación de permisos. Esto podría conducir a la divulgación remota de información. No se necesitan privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-33914
https://notcve.org/view.php?id=CVE-2023-33914
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed En el algoritmo NIA0 en el comando de modo de seguridad, hay una posible falta de verificación de entrada incorrecta. Esto podría conducir a la divulgación remota de información. No se necesitan privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 • CWE-20: Improper Input Validation •