CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43537 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-20071
https://notcve.org/view.php?id=CVE-2024-20071
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-125: Out-of-bounds Read •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-20070
https://notcve.org/view.php?id=CVE-2024-20070
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-20069
https://notcve.org/view.php?id=CVE-2024-20069
This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-20065
https://notcve.org/view.php?id=CVE-2024-20065
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-284: Improper Access Control •