CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20094
https://notcve.org/view.php?id=CVE-2024-20094
07 Oct 2024 — In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-617: Reachable Assertion •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 0CVE-2024-20082
https://notcve.org/view.php?id=CVE-2024-20082
14 Aug 2024 — In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20081
https://notcve.org/view.php?id=CVE-2024-20081
01 Jul 2024 — In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412. En el servicio gnss, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20080
https://notcve.org/view.php?id=CVE-2024-20080
01 Jul 2024 — In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424. En el servicio gnss existe una posible escalada de privilegios debido a una validación inadecuada del certificado. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2024-20004
https://notcve.org/view.php?id=CVE-2024-20004
05 Feb 2024 — In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01195812 (MSV-985). En Modem NL1, existe una posible falla del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2024-20003
https://notcve.org/view.php?id=CVE-2024-20003
05 Feb 2024 — In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981). En Modem NL1, existe una posible falla del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32891
https://notcve.org/view.php?id=CVE-2023-32891
02 Jan 2024 — In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 45EXPL: 0CVE-2023-32890
https://notcve.org/view.php?id=CVE-2023-32890
02 Jan 2024 — In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32888
https://notcve.org/view.php?id=CVE-2023-32888
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32887
https://notcve.org/view.php?id=CVE-2023-32887
02 Jan 2024 — In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). En Modem IMS Stack, existe un posible fallo del sistema debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •