CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20092
https://notcve.org/view.php?id=CVE-2024-20092
07 Oct 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20091
https://notcve.org/view.php?id=CVE-2024-20091
07 Oct 2024 — In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20090
https://notcve.org/view.php?id=CVE-2024-20090
07 Oct 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-20089
https://notcve.org/view.php?id=CVE-2024-20089
02 Sep 2024 — In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526. En WLAN, existe una posible denegación de servicio debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/September-2024 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20087
https://notcve.org/view.php?id=CVE-2024-20087
02 Sep 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550. En vdec, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. • https://corp.mediatek.com/product-security-bulletin/September-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20086
https://notcve.org/view.php?id=CVE-2024-20086
02 Sep 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551. En vdec, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. • https://corp.mediatek.com/product-security-bulletin/September-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20083
https://notcve.org/view.php?id=CVE-2024-20083
14 Aug 2024 — In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 0CVE-2024-20082
https://notcve.org/view.php?id=CVE-2024-20082
14 Aug 2024 — In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20081
https://notcve.org/view.php?id=CVE-2024-20081
01 Jul 2024 — In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412. En el servicio gnss, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20080
https://notcve.org/view.php?id=CVE-2024-20080
01 Jul 2024 — In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424. En el servicio gnss existe una posible escalada de privilegios debido a una validación inadecuada del certificado. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-295: Improper Certificate Validation •