CVSS: 7.8EPSS: 2%CPEs: 36EXPL: 0CVE-2023-32842
https://notcve.org/view.php?id=CVE-2023-32842
04 Dec 2023 — In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848). En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 2%CPEs: 36EXPL: 0CVE-2023-32841
https://notcve.org/view.php?id=CVE-2023-32841
04 Dec 2023 — In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846). En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-617: Reachable Assertion •
CVSS: 6.7EPSS: 0%CPEs: 40EXPL: 0CVE-2023-32855
https://notcve.org/view.php?id=CVE-2023-32855
04 Dec 2023 — In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. En aee, existe una posible escalada de privilegios debido a la falta de una verificación de permisos. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-862: Missing Authorization •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2023-32854
https://notcve.org/view.php?id=CVE-2023-32854
04 Dec 2023 — In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132. En ril, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2023-32853
https://notcve.org/view.php?id=CVE-2023-32853
04 Dec 2023 — In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764. En rpmb, existe una posible escritura fuera de los límites debido a una comprobación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2023-32851
https://notcve.org/view.php?id=CVE-2023-32851
04 Dec 2023 — In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652. En decoder, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2023-32850
https://notcve.org/view.php?id=CVE-2023-32850
04 Dec 2023 — In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659. En decoder, existe una posible escritura fuera de los límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32847
https://notcve.org/view.php?id=CVE-2023-32847
04 Dec 2023 — In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940. En audio, hay una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 68EXPL: 0CVE-2023-32840
https://notcve.org/view.php?id=CVE-2023-32840
06 Nov 2023 — In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862). En modem CCCI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32825
https://notcve.org/view.php?id=CVE-2023-32825
06 Nov 2023 — In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130. En el servicio Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-125: Out-of-bounds Read •