CVSS: 4.4EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20660
https://notcve.org/view.php?id=CVE-2023-20660
In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20677
https://notcve.org/view.php?id=CVE-2023-20677
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 76EXPL: 0CVE-2023-20623
https://notcve.org/view.php?id=CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32656
https://notcve.org/view.php?id=CVE-2022-32656
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035. • https://corp.mediatek.com/product-security-bulletin/February-2023 •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32655
https://notcve.org/view.php?id=CVE-2022-32655
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-755: Improper Handling of Exceptional Conditions •