cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20108,https://securityvulnerability.io/vulnerability/CVE-2024-20108,Possible Out of Bounds Write Leads to Local Escalation of Privilege,"In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8792, Mt8795t, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-04T01:48:43.978Z,0
CVE-2024-20094,https://securityvulnerability.io/vulnerability/CVE-2024-20094,Possible System Crash Due to Missing Bounds Check,"A vulnerability in MediaTek modem products allows for a potential system crash stemming from a missing bounds check. This absence of necessary validation could be exploited remotely, resulting in a denial of service without the need for any user interaction or elevated privileges. The vulnerability has been documented with Patch ID: MOLY00843282 and Issue ID: MSV-1535, highlighting the importance of implementing mitigations to protect affected installations.",MediaTek,"Mt2735, Mt6833, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6880, Mt6883, Mt6885, Mt6889, Mt6890, Mt6891, Mt6893, Mt8675, Mt8771, Mt8791, Mt8791t, Mt8797",,,0.0004299999854993075,false,false,false,false,,false,false,2024-10-07T02:35:17.919Z,0
CVE-2023-32871,https://securityvulnerability.io/vulnerability/CVE-2023-32871,Possible Permission Bypass in DA Product Could Lead to Local Escalation of Privilege,"A permission bypass vulnerability has been identified in MediaTek's products caused by an incorrect status check mechanism. This flaw allows an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. Such vulnerabilities pose risks as they could be exploited to increase the privileges of a user or process beyond intended limitations, potentially leading to unauthorized access and control over the affected systems. Users and organizations utilizing MediaTek's products are advised to apply the necessary security patch identified as ALPS08355514 to mitigate this risk.",MediaTek,"Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6893, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,false,false,false,,false,false,2024-05-06T02:51:52.075Z,0
CVE-2024-20039,https://securityvulnerability.io/vulnerability/CVE-2024-20039,Possible Out of Bounds Write in Modem Protocol Could Lead to Remote Code Execution,"In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.",MediaTek,"Mt2731, Mt2735, Mt2737, Mt3967, Mt6297, Mt6298, Mt6739, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6785u, Mt6789, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983, Mt6985, Mt6986, Mt6986d, Mt6989, Mt6990, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8791, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,false,false,false,,false,false,2024-04-01T03:15:00.000Z,0
CVE-2024-20032,https://securityvulnerability.io/vulnerability/CVE-2024-20032,Possible Permission Bypass Leads to Local Escalation of Privilege,"In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08487630; Issue ID: MSV-1020.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt6989, Mt8321, Mt8673, Mt8765, Mt8766, Mt8768, Mt8781, Mt8789, Mt8791, Mt8792, Mt8796",,,0.0004299999854993075,false,false,false,false,,false,false,2024-03-04T02:43:46.798Z,0
CVE-2024-20004,https://securityvulnerability.io/vulnerability/CVE-2024-20004,Possible System Crash Due to Improper Input Validation,"The vulnerability in MediaTek's Modem NL1 arises from improper input validation, which could allow an attacker to cause a system crash. This vulnerability is exploited by sending an invalid NR RRC Connection Setup message, resulting in a remote denial of service. No additional privileges or user interaction are required for this exploitation, making it particularly concerning for users of the Modem NL1. Affected users can reference the provided patch ID MOLY01191612 to mitigate the issue.",MediaTek,"Mt2735, Mt6297, Mt6833, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6880, Mt6883, Mt6885, Mt6889, Mt6890, Mt6891, Mt6893, Mt8675, Mt8791, Mt8791t, Mt8797",7.5,HIGH,0.0007699999841861427,false,false,false,false,,false,false,2024-02-05T05:59:44.132Z,0
CVE-2024-20016,https://securityvulnerability.io/vulnerability/CVE-2024-20016,Possible Local Denial of Service Vulnerability in GED System Due to Integer Overflow,"In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901.",MediaTek,"MT6735, MT6737, MT6739, MT6753, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8188, MT8195, MT8765, MT8766, MT8768, MT8791, MT8797, MT8798",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-05T05:59:39.607Z,0
CVE-2024-20013,https://securityvulnerability.io/vulnerability/CVE-2024-20013,Possible Out of Bounds Write Could Lead to Local Escalation of Privilege,"In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-02-05T05:59:36.678Z,0
CVE-2024-20003,https://securityvulnerability.io/vulnerability/CVE-2024-20003,Possible System Crash Due to Improper Input Validation,"A vulnerability identified in MediaTek's Modem NL1 stems from inadequate input validation, which can cause the system to crash. When an invalid NR RRC Connection Setup message is transmitted, it can lead to a remote denial of service without requiring additional execution privileges or user interaction. This presents a significant risk to system integrity and availability, emphasizing the need for immediate attention and patching to prevent exploitation.",MediaTek,"MT2735, MT6297, MT6833, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8791, MT8791T, MT8797",7.5,HIGH,0.0007699999841861427,false,false,false,false,,false,false,2024-02-05T05:59:33.841Z,0
CVE-2024-20010,https://securityvulnerability.io/vulnerability/CVE-2024-20010,Possible Escalation of Privilege Vulnerability in keyInstall,"In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-02-05T05:59:30.948Z,0
CVE-2023-32872,https://securityvulnerability.io/vulnerability/CVE-2023-32872,Out of Bounds Write Vulnerability in MediaTek KeyInstall Component,"A vulnerability exists within the KeyInstall component of MediaTek due to a missing bounds check, enabling a possible out of bounds write. This flaw may allow a local attacker to escalate privileges to System execution privileges without requiring user interaction. Proper patching measures should be implemented promptly, particularly for versions prior to Patch ID ALPS08308607, to mitigate potential risks associated with this issue.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T03:15:00.000Z,0
CVE-2023-32886,https://securityvulnerability.io/vulnerability/CVE-2023-32886,Out of Bounds Write Vulnerability in MediaTek Modem IMS SMS UA,"The vulnerability in MediaTek's Modem IMS SMS UA stems from a potential out-of-bounds write caused by a failure to implement proper bounds checks. This flaw enables an attacker to exploit the vulnerability remotely, resulting in a denial of service without requiring any additional execution privileges. Notably, exploitation does not necessitate user interaction, making it a concerning risk for the affected systems. Immediate attention to the patch (ID: MOLY00730807) is advised to mitigate potential security threats.",MediaTek,"MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798",7.5,HIGH,0.0014400000218302011,false,false,false,false,,false,false,2024-01-02T03:15:00.000Z,0
CVE-2023-32875,https://securityvulnerability.io/vulnerability/CVE-2023-32875,Information Disclosure Vulnerability in MediaTek KeyInstall Component,"The vulnerability in MediaTek’s keyInstall component results from a missing bounds check, enabling a potential information disclosure. This issue allows attackers to gain unauthorized access to sensitive data, requiring system execution privileges to exploit. The vulnerability does not necessitate user interaction, raising concerns for local information security. Affected systems should prioritize implementing the patch ID ALPS08308607 to mitigate this risk.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T03:15:00.000Z,0
CVE-2023-32876,https://securityvulnerability.io/vulnerability/CVE-2023-32876,Information Disclosure Vulnerability in MediaTek KeyInstall,"The vulnerability in MediaTek's KeyInstall component arises from a missing bounds check, which could lead to local information disclosure. This issue allows unauthorized access to sensitive information within the system, requiring system execution privileges for exploitation. No user interaction is necessary, making the vulnerability particularly concerning for users relying on the affected product. MediaTek has issued a patch to address this issue, and users are strongly advised to update their systems to mitigate potential risks.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T03:15:00.000Z,0
CVE-2023-32884,https://securityvulnerability.io/vulnerability/CVE-2023-32884,Information Disclosure Vulnerability in MediaTek NetDagent,"A vulnerability exists in MediaTek's NetDagent due to improper bounds checking, leading to possible information disclosure. This issue may allow an attacker to escalate privileges locally with System execution rights. Exploitation of this vulnerability does not require user interaction, thus posing a significant threat to system integrity and user data. Affected versions have been patched under Patch ID ALPS07944011 to address this security concern.",MediaTek,"MT2713, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8192, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8696, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T03:15:00.000Z,0
CVE-2023-32855,https://securityvulnerability.io/vulnerability/CVE-2023-32855,,"In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.",MediaTek,"MT2735, MT2737, MT6765, MT6768, MT6769, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6885, MT6889, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8667, MT8765, MT8768, MT8786, MT8791, MT8791T, MT8791WIFI, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-12-04T04:15:00.000Z,0
CVE-2023-32840,https://securityvulnerability.io/vulnerability/CVE-2023-32840,,"In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).",MediaTek,"Mt2731, Mt2735, Mt6731, Mt6739, Mt6761, Mt6762, Mt6763, Mt6765, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6771t, Mt6813, Mt6833, Mt6833p, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6877t, Mt6878, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983t, Mt6983w, Mt6983z, Mt6985, Mt6985t, Mt6989, Mt6990, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",6.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-11-06T04:15:00.000Z,0
CVE-2023-32834,https://securityvulnerability.io/vulnerability/CVE-2023-32834,,"In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762.",MediaTek,"MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-11-06T04:15:00.000Z,0
CVE-2023-32835,https://securityvulnerability.io/vulnerability/CVE-2023-32835,,"In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-11-06T04:15:00.000Z,0
CVE-2023-32820,https://securityvulnerability.io/vulnerability/CVE-2023-32820,Remote Denial of Service in MediaTek WLAN Firmware,"The MediaTek WLAN firmware has a vulnerability that arises from improper input handling, potentially allowing for remote denial of service. This issue can be exploited without any user interaction and does not require additional execution privileges. As a result, attackers may be able to disrupt the normal functionality of the affected devices. A patch is available, identified by Patch ID ALPS07932637. For further information, refer to the [MediaTek security bulletin](https://corp.mediatek.com/product-security-bulletin/October-2023).",MediaTek,"Mt5221, Mt6781, Mt6833, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt7663, Mt7668, Mt7902, Mt7921, Mt8168, Mt8365, Mt8518s, Mt8532, Mt8666, Mt8673, Mt8675, Mt8695, Mt8766, Mt8768, Mt8781, Mt8786, Mt8789, Mt8791, Mt8797, Mt8798",7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2023-10-02T03:15:00.000Z,0
CVE-2023-20819,https://securityvulnerability.io/vulnerability/CVE-2023-20819,Out of Bounds Write Vulnerability in CDMA PPP Protocol by MediaTek,"The CDMA PPP protocol in MediaTek devices contains a vulnerability characterized by an out of bounds write resulting from a missing bounds check. This flaw allows an attacker to perform remote privilege escalation without requiring any user interaction or special execution privileges. The potential exploitation of this vulnerability could lead to significant security risks, making prompt attention to the issue critical. Affected users are advised to apply patches and updates to mitigate this vulnerability effectively.",MediaTek,"Mt2731, Mt6570, Mt6580, Mt6595, Mt6732, Mt6735, Mt6737, Mt6737m, Mt6738, Mt6739, Mt6750, Mt6750s, Mt6752, Mt6753, Mt6755, Mt6757, Mt6758, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6775, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6789, Mt6795, Mt6797, Mt6799, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8666, Mt8666a, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8766z, Mt8768, Mt8768a, Mt8768b, Mt8768t, Mt8768z, Mt8781, Mt8786, Mt8788, Mt8788t, Mt8788x, Mt8788z, Mt8791, Mt8791t, Mt8797, Mt8798",9.8,CRITICAL,0.0036700000055134296,false,false,false,false,,false,false,2023-10-02T03:15:00.000Z,0
CVE-2023-32808,https://securityvulnerability.io/vulnerability/CVE-2023-32808,,"In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751.",MediaTek,"MT2713, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673, MT8781, MT8781WIFI, MT8791, MT8791T, MT8791WIFI, MT8797, MT8797WIFI",4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-09-04T03:15:00.000Z,0
CVE-2023-20833,https://securityvulnerability.io/vulnerability/CVE-2023-20833,,"In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-09-04T03:15:00.000Z,0
CVE-2023-20821,https://securityvulnerability.io/vulnerability/CVE-2023-20821,,"In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.",MediaTek,"Mt2713, Mt2735, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-09-04T03:15:00.000Z,0
CVE-2023-32809,https://securityvulnerability.io/vulnerability/CVE-2023-32809,,"In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753.",MediaTek,"MT2713, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673, MT8781, MT8781WIFI, MT8791, MT8791T, MT8791WIFI, MT8797, MT8797WIFI",4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-09-04T03:15:00.000Z,0