CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2024-20040
https://notcve.org/view.php?id=CVE-2024-20040
01 Apr 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979. En el firmware WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2024-20039
https://notcve.org/view.php?id=CVE-2024-20039
01 Apr 2024 — In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215. En el protocolo de módem, existe una posible escritura fuera de los límites debido a una comprobación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20037
https://notcve.org/view.php?id=CVE-2024-20037
04 Mar 2024 — In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495937; Issue ID: ALPS08495937. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 0CVE-2024-20036
https://notcve.org/view.php?id=CVE-2024-20036
04 Mar 2024 — In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08509508; Issue ID: ALPS08509508. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20034
https://notcve.org/view.php?id=CVE-2024-20034
04 Mar 2024 — In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue ID: ALPS08488849. En la batería, existe una posible escalada de privilegios debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 35EXPL: 0CVE-2024-20032
https://notcve.org/view.php?id=CVE-2024-20032
04 Mar 2024 — In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08487630; Issue ID: MSV-1020. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-862: Missing Authorization •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2024-20029
https://notcve.org/view.php?id=CVE-2024-20029
04 Mar 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20031
https://notcve.org/view.php?id=CVE-2024-20031
04 Mar 2024 — In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541742. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 18EXPL: 0CVE-2024-20028
https://notcve.org/view.php?id=CVE-2024-20028
04 Mar 2024 — In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541687. En da, existe una posible escritura fuera de los límites por falta de valoración. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.9EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20027
https://notcve.org/view.php?id=CVE-2024-20027
04 Mar 2024 — In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •