CVSS: 9.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-20079
https://notcve.org/view.php?id=CVE-2024-20079
01 Jul 2024 — In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491. En el servicio gnss, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-20078
https://notcve.org/view.php?id=CVE-2024-20078
01 Jul 2024 — In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452. En venc, existe una posible escritura fuera de los límites debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20076
https://notcve.org/view.php?id=CVE-2024-20076
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20077
https://notcve.org/view.php?id=CVE-2024-20077
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2024-20075
https://notcve.org/view.php?id=CVE-2024-20075
03 Jun 2024 — In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393. En eemgpu, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 30EXPL: 0CVE-2024-20074
https://notcve.org/view.php?id=CVE-2024-20074
03 Jun 2024 — In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID: MSV-1333. En dmc, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-20073
https://notcve.org/view.php?id=CVE-2024-20073
03 Jun 2024 — In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411. En el servicio WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-20072
https://notcve.org/view.php?id=CVE-2024-20072
03 Jun 2024 — In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332. En el controlador WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-20071
https://notcve.org/view.php?id=CVE-2024-20071
03 Jun 2024 — In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331. En el controlador WLAN, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-20069
https://notcve.org/view.php?id=CVE-2024-20069
03 Jun 2024 — In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430. En el módem, existe una posible selección de algoritmos menos seguros durante el IKE de VoWiFi debido a que falta una verificación de degradación de DH. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •