cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-20643,https://securityvulnerability.io/vulnerability/CVE-2025-20643,Out of Bounds Read Vulnerability in MediaTek Devices,"A potential out of bounds read vulnerability exists in certain MediaTek devices due to an insufficient bounds check. If exploited, this vulnerability could allow a malicious actor with physical access to the device to disclose sensitive information, especially if they have already gained System privileges. User interaction is required for the successful exploitation of this issue. For further details and mitigation steps, refer to the security bulletin issued by MediaTek.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",3.9,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-03T03:24:08.097Z,0
CVE-2025-20642,https://securityvulnerability.io/vulnerability/CVE-2025-20642,Out of Bounds Write Vulnerability in MediaTek Device,"An out of bounds write vulnerability has been identified in MediaTek devices, stemming from a missing bounds check. This flaw allows an attacker with physical access to potentially escalate privileges locally, posing a risk to device security. It's important to note that user interaction is required for the exploitation of this vulnerability. MediaTek has issued a patch to address this issue, ensuring users can secure their devices against potential threats. Detailed mitigation steps can be found in the security bulletin.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",6.6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-03T03:24:06.483Z,0
CVE-2025-20641,https://securityvulnerability.io/vulnerability/CVE-2025-20641,Out of Bounds Write Vulnerability in Mediatek Devices,"In certain Mediatek devices, a possible out of bounds write vulnerability has been identified due to a missing bounds check. This issue allows for potential local escalation of privilege if an attacker has physical access, without requiring any additional execution privileges. User interaction is necessary for successful exploitation, making it critical for users to apply patches to ensure their device security. For further details and remediation, consult the official Mediatek product security bulletin.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",6.6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-03T03:24:04.876Z,0
CVE-2025-20640,https://securityvulnerability.io/vulnerability/CVE-2025-20640,Out of Bounds Read Vulnerability in MediaTek Devices,"An out of bounds read vulnerability exists in MediaTek devices due to a missing bounds check, which can lead to potential local information disclosure. Exploitation of this vulnerability requires physical access to the device and user interaction. Addressing this issue is critical to protecting sensitive data from unauthorized access, and a patch has been released to remediate the flaw.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-03T03:24:03.332Z,0
CVE-2025-20639,https://securityvulnerability.io/vulnerability/CVE-2025-20639,Out of Bounds Write Vulnerability in MediaTek Devices,"A vulnerability in MediaTek's DA software allows for a potential out of bounds write due to insufficient bounds checking. This issue poses a risk of local privilege escalation, requiring an attacker to have physical access to the device for exploitation. User interaction facilitates this attack. To address this issue, MediaTek has issued a patch identified as ALPS09291146, associated with Issue ID MSV-2060.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",6.6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-03T03:24:01.156Z,0
CVE-2025-20638,https://securityvulnerability.io/vulnerability/CVE-2025-20638,Local Information Disclosure Vulnerability in MediaTek Devices,"A potential local information disclosure vulnerability has been identified in DA by MediaTek, stemming from uninitialized heap data. This flaw allows an attacker with physical access to the device to read sensitive uninitialized data, which could lead to unauthorized access to potentially sensitive information. Notably, user interaction is required to exploit this vulnerability. The issue has been documented with Patch ID: ALPS09291449 and Issue ID: MSV-2066.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-03T03:23:59.474Z,0
CVE-2024-20142,https://securityvulnerability.io/vulnerability/CVE-2024-20142,Out of Bounds Write Vulnerability in V5 DA by MediaTek,"The V5 DA by MediaTek has a vulnerability characterized by an out of bounds write due to a missing bounds check. This flaw presents a risk for local escalation of privileges, provided the attacker has physical access to the device. Exploitation of this vulnerability requires user interaction, making it particularly insidious as it can be leveraged by malicious individuals with direct access. A patch has been released under ID ALPS09291406 to address this security issue, so it is critical for users to update their devices promptly.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",6.6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-03T03:23:57.752Z,0
CVE-2024-20141,https://securityvulnerability.io/vulnerability/CVE-2024-20141,Out of Bounds Write Vulnerability in V5 DA Affected by MediaTek,"In V5 DA, a vulnerability exists that allows for potential out of bounds writing. This flaw arises from inadequate bounds checking, which presents a risk of local escalation of privilege if an attacker has physical access to the device. Exploitation requires user interaction and does not necessitate any additional execution privileges. It is crucial for users to remain vigilant and apply available patches, such as Patch ID ALPS09291402, to mitigate this security issue.",MediaTek,"Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893",6.6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-03T03:23:56.024Z,0
CVE-2023-32871,https://securityvulnerability.io/vulnerability/CVE-2023-32871,Possible Permission Bypass in DA Product Could Lead to Local Escalation of Privilege,"A permission bypass vulnerability has been identified in MediaTek's products caused by an incorrect status check mechanism. This flaw allows an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. Such vulnerabilities pose risks as they could be exploited to increase the privileges of a user or process beyond intended limitations, potentially leading to unauthorized access and control over the affected systems. Users and organizations utilizing MediaTek's products are advised to apply the necessary security patch identified as ALPS08355514 to mitigate this risk.",MediaTek,"Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6893, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-06T02:51:52.075Z,0
CVE-2024-20039,https://securityvulnerability.io/vulnerability/CVE-2024-20039,Possible Out of Bounds Write in Modem Protocol Could Lead to Remote Code Execution,"In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.",MediaTek,"Mt2731, Mt2735, Mt2737, Mt3967, Mt6297, Mt6298, Mt6739, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6785u, Mt6789, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983, Mt6985, Mt6986, Mt6986d, Mt6989, Mt6990, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8791, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-01T03:15:00.000Z,0
CVE-2024-20013,https://securityvulnerability.io/vulnerability/CVE-2024-20013,Possible Out of Bounds Write Could Lead to Local Escalation of Privilege,"In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:36.678Z,0
CVE-2024-20010,https://securityvulnerability.io/vulnerability/CVE-2024-20010,Possible Escalation of Privilege Vulnerability in keyInstall,"In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:30.948Z,0
CVE-2023-32872,https://securityvulnerability.io/vulnerability/CVE-2023-32872,Out of Bounds Write Vulnerability in MediaTek KeyInstall Component,"A vulnerability exists within the KeyInstall component of MediaTek due to a missing bounds check, enabling a possible out of bounds write. This flaw may allow a local attacker to escalate privileges to System execution privileges without requiring user interaction. Proper patching measures should be implemented promptly, particularly for versions prior to Patch ID ALPS08308607, to mitigate potential risks associated with this issue.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0
CVE-2023-32875,https://securityvulnerability.io/vulnerability/CVE-2023-32875,Information Disclosure Vulnerability in MediaTek KeyInstall Component,"The vulnerability in MediaTek’s keyInstall component results from a missing bounds check, enabling a potential information disclosure. This issue allows attackers to gain unauthorized access to sensitive data, requiring system execution privileges to exploit. The vulnerability does not necessitate user interaction, raising concerns for local information security. Affected systems should prioritize implementing the patch ID ALPS08308607 to mitigate this risk.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0
CVE-2023-32876,https://securityvulnerability.io/vulnerability/CVE-2023-32876,Information Disclosure Vulnerability in MediaTek KeyInstall,"The vulnerability in MediaTek's KeyInstall component arises from a missing bounds check, which could lead to local information disclosure. This issue allows unauthorized access to sensitive information within the system, requiring system execution privileges for exploitation. No user interaction is necessary, making the vulnerability particularly concerning for users relying on the affected product. MediaTek has issued a patch to address this issue, and users are strongly advised to update their systems to mitigate potential risks.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0
CVE-2023-32835,https://securityvulnerability.io/vulnerability/CVE-2023-32835,Memory Corruption Vulnerability in KeyInstall by MediaTek,"A vulnerability in MediaTek's KeyInstall has been identified, characterized by a potential memory corruption due to type confusion. This vulnerability poses a risk of local privilege escalation, enabling unauthorized users to execute system-level commands without requiring user interaction. To mitigate this risk, users and administrators are encouraged to apply the latest patches and updates as soon as they become available.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-06T04:15:00.000Z,0
CVE-2023-32834,https://securityvulnerability.io/vulnerability/CVE-2023-32834,Memory Corruption Vulnerability in MediaTek's Secmem Component,"A memory corruption issue exists in MediaTek's Secmem component due to type confusion, potentially allowing an attacker to escalate privileges to system execution levels. This vulnerability does not require any user interaction for exploitation and poses significant security risks. The associated patch is identified as ALPS08161762. It is crucial for users and administrators to apply the necessary updates to mitigate any potential threats.",MediaTek,"MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-06T04:15:00.000Z,0
CVE-2023-20819,https://securityvulnerability.io/vulnerability/CVE-2023-20819,Out of Bounds Write Vulnerability in CDMA PPP Protocol by MediaTek,"The CDMA PPP protocol in MediaTek devices contains a vulnerability characterized by an out of bounds write resulting from a missing bounds check. This flaw allows an attacker to perform remote privilege escalation without requiring any user interaction or special execution privileges. The potential exploitation of this vulnerability could lead to significant security risks, making prompt attention to the issue critical. Affected users are advised to apply patches and updates to mitigate this vulnerability effectively.",MediaTek,"Mt2731, Mt6570, Mt6580, Mt6595, Mt6732, Mt6735, Mt6737, Mt6737m, Mt6738, Mt6739, Mt6750, Mt6750s, Mt6752, Mt6753, Mt6755, Mt6757, Mt6758, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6775, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6789, Mt6795, Mt6797, Mt6799, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8666, Mt8666a, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8766z, Mt8768, Mt8768a, Mt8768b, Mt8768t, Mt8768z, Mt8781, Mt8786, Mt8788, Mt8788t, Mt8788x, Mt8788z, Mt8791, Mt8791t, Mt8797, Mt8798",9.8,CRITICAL,0.0036700000055134296,false,,false,false,false,,,false,false,,2023-10-02T03:15:00.000Z,0
CVE-2023-20833,https://securityvulnerability.io/vulnerability/CVE-2023-20833,Information Disclosure Vulnerability in Keyinstall from MediaTek,"An information disclosure vulnerability exists in MediaTek's Keyinstall due to a missing bounds check. This flaw may allow for local information disclosure with system execution privileges. Notably, user interaction is not required for the exploitation of this vulnerability, posing a significant risk to affected systems. Immediate remediation is advised following the release of patch ALPS08017756.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-04T03:15:00.000Z,0
CVE-2023-20782,https://securityvulnerability.io/vulnerability/CVE-2023-20782,Information Disclosure Vulnerability in MediaTek KeyInstall Software,A vulnerability exists in MediaTek's KeyInstall software that allows for potential local information disclosure due to a missing bounds check. This vulnerability requires system execution privileges but does not necessitate user interaction for exploitation. Users of affected versions should apply the necessary patches to mitigate the risk associated with this issue.,MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20780,https://securityvulnerability.io/vulnerability/CVE-2023-20780,Information Disclosure Vulnerability in Mediatek KeyInstall,A vulnerability in Mediatek's KeyInstall could allow for local information disclosure due to a missing bounds check. This flaw requires system execution privileges but does not necessitate user interaction for exploitation. It is critical for users of affected KeyInstall versions to apply the necessary patches to mitigate potential risks.,MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20784,https://securityvulnerability.io/vulnerability/CVE-2023-20784,Out of Bounds Write Vulnerability in MediaTek KeyInstall,"A vulnerability exists in MediaTek's KeyInstall that allows an out-of-bounds write due to a missing bounds check. This flaw could enable an attacker to escalate local privileges without needing user interaction. To address this issue, MediaTek has released a patch identified as ALPS07826989. It is crucial for users of affected KeyInstall versions to apply the necessary updates promptly to safeguard their systems.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20783,https://securityvulnerability.io/vulnerability/CVE-2023-20783,Out of Bounds Write Vulnerability in MediaTek KeyInstall Component,"The KeyInstall component in MediaTek products contains a vulnerability that allows for an out of bounds write due to insufficient bounds checking. This flaw could potentially enable local privilege escalation, allowing an attacker to execute actions with system-level permissions. Crucially, this vulnerability does not require user interaction for exploitation, increasing its risk profile. Affected systems should be updated promptly with the latest patches to mitigate this security risk.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20790,https://securityvulnerability.io/vulnerability/CVE-2023-20790,Out of Bounds Write Vulnerability in NVRAM by MediaTek,"A potential out of bounds write vulnerability exists in the NVRAM component of MediaTek products. This flaw arises from a missing bounds check, which can lead to local information disclosure, necessitating system execution privileges for exploitation. Notably, user interaction is not required for the attack, allowing it to be executed without prior consent from the user. A patch has been issued to address this vulnerability, emphasizing the importance of maintaining updated software to safeguard against potential exploits.",MediaTek,"Mt2713, Mt2735, Mt2737, Mt6739, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20781,https://securityvulnerability.io/vulnerability/CVE-2023-20781,Memory Corruption Vulnerability in Mediatek KeyInstall Product,"The KeyInstall product by Mediatek is susceptible to memory corruption due to an inadequately implemented bounds check. This vulnerability can result in a local denial of service, requiring system execution privileges to exploit. User interaction is not necessary for an attacker to take advantage of this flaw, highlighting a significant risk to systems relying on this product. A patch has been developed and is identified by Patch ID: ALPS08017756.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0