CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20805
https://notcve.org/view.php?id=CVE-2023-20805
07 Aug 2023 — In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20804
https://notcve.org/view.php?id=CVE-2023-20804
07 Aug 2023 — In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20803
https://notcve.org/view.php?id=CVE-2023-20803
07 Aug 2023 — In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20802
https://notcve.org/view.php?id=CVE-2023-20802
07 Aug 2023 — In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20801
https://notcve.org/view.php?id=CVE-2023-20801
07 Aug 2023 — In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968. In imgsys, there is a possible use after free due to a race condition. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20800
https://notcve.org/view.php?id=CVE-2023-20800
07 Aug 2023 — In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 1%CPEs: 33EXPL: 0CVE-2022-32666
https://notcve.org/view.php?id=CVE-2022-32666
04 Jul 2023 — In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014. • https://corp.mediatek.com/product-security-bulletin/July-2023 •
CVSS: 7.8EPSS: 1%CPEs: 16EXPL: 0CVE-2023-20693
https://notcve.org/view.php?id=CVE-2023-20693
04 Jul 2023 — In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2023-20692
https://notcve.org/view.php?id=CVE-2023-20692
04 Jul 2023 — In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2023-20691
https://notcve.org/view.php?id=CVE-2023-20691
04 Jul 2023 — In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •