CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-20748
https://notcve.org/view.php?id=CVE-2023-20748
04 Jul 2023 — In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07536951; Issue ID: ALPS07536951. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-20693
https://notcve.org/view.php?id=CVE-2023-20693
04 Jul 2023 — In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20691
https://notcve.org/view.php?id=CVE-2023-20691
04 Jul 2023 — In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20690
https://notcve.org/view.php?id=CVE-2023-20690
04 Jul 2023 — In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 39EXPL: 0CVE-2023-20775
https://notcve.org/view.php?id=CVE-2023-20775
04 Jul 2023 — In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20774
https://notcve.org/view.php?id=CVE-2023-20774
04 Jul 2023 — In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292228; Issue ID: ALPS07292228. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2023-20773
https://notcve.org/view.php?id=CVE-2023-20773
04 Jul 2023 — In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07611449; Issue ID: ALPS07441735. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-862: Missing Authorization •
CVSS: 6.7EPSS: 0%CPEs: 35EXPL: 0CVE-2023-20772
https://notcve.org/view.php?id=CVE-2023-20772
04 Jul 2023 — In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441796; Issue ID: ALPS07441796. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20771
https://notcve.org/view.php?id=CVE-2023-20771
04 Jul 2023 — In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0CVE-2023-20768
https://notcve.org/view.php?id=CVE-2023-20768
04 Jul 2023 — In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •