CVSS: 7.5EPSS: 0%CPEs: 85EXPL: 0CVE-2025-20659
https://notcve.org/view.php?id=CVE-2025-20659
07 Apr 2025 — In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768. • https://corp.mediatek.com/product-security-bulletin/April-2025 • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 32EXPL: 0CVE-2024-20136
https://notcve.org/view.php?id=CVE-2024-20136
02 Dec 2024 — In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-20135
https://notcve.org/view.php?id=CVE-2024-20135
02 Dec 2024 — In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-20134
https://notcve.org/view.php?id=CVE-2024-20134
02 Dec 2024 — In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20130
https://notcve.org/view.php?id=CVE-2024-20130
02 Dec 2024 — In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20121
https://notcve.org/view.php?id=CVE-2024-20121
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20120
https://notcve.org/view.php?id=CVE-2024-20120
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 67EXPL: 0CVE-2024-20108
https://notcve.org/view.php?id=CVE-2024-20108
04 Nov 2024 — In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-20103
https://notcve.org/view.php?id=CVE-2024-20103
07 Oct 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-20101
https://notcve.org/view.php?id=CVE-2024-20101
07 Oct 2024 — In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •