CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
05 Feb 2024 — In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2024-20003
https://notcve.org/view.php?id=CVE-2024-20003
05 Feb 2024 — In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981). En Modem NL1, existe una posible falla del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2024-20010
https://notcve.org/view.php?id=CVE-2024-20010
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32889
https://notcve.org/view.php?id=CVE-2023-32889
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 47EXPL: 0CVE-2023-32886
https://notcve.org/view.php?id=CVE-2023-32886
02 Jan 2024 — In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. En el módem IMS SMS UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32876
https://notcve.org/view.php?id=CVE-2023-32876
02 Jan 2024 — In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612. En keyInstall, existe una posible divulgación de información debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32875
https://notcve.org/view.php?id=CVE-2023-32875
02 Jan 2024 — In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217. En keyInstall, existe una posible divulgación de información debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32872
https://notcve.org/view.php?id=CVE-2023-32872
02 Jan 2024 — In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 46EXPL: 0CVE-2023-32859
https://notcve.org/view.php?id=CVE-2023-32859
04 Dec 2023 — In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. En meta, existe un posible desbordamiento del búfer clásico debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 68EXPL: 0CVE-2023-32840
https://notcve.org/view.php?id=CVE-2023-32840
06 Nov 2023 — In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862). En modem CCCI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •