cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2025-20636,https://securityvulnerability.io/vulnerability/CVE-2025-20636,Out of Bounds Write Vulnerability in Mediatek Secmem,"A potential vulnerability has been identified in Mediatek's Secmem where an out of bounds write can occur due to a missing bounds check. This flaw could enable a malicious actor, who has already acquired System privileges, to escalate their privileges further. Notably, user interaction is not required for exploitation, posing a significant risk. Immediate attention and patching are recommended to mitigate potential threats. The relevant patch is identified as ALPS09403554 under Issue ID: MSV-2431.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8755, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8796, Mt8797, Mt8798",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-03T03:23:52.918Z,0 CVE-2024-20136,https://securityvulnerability.io/vulnerability/CVE-2024-20136,Possible Out-of-Bounds Read Vulnerability in Unknown Context,"In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821.",MediaTek,"Mt2737, Mt6781, Mt6789, Mt6855, Mt6878, Mt6879, Mt6880, Mt6886, Mt6890, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8195, Mt8370, Mt8390, Mt8673, Mt8676, Mt8678, Mt8755, Mt8775, Mt8781, Mt8795t, Mt8796, Mt8798, Mt8893",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-02T03:07:09.915Z,0 CVE-2024-20127,https://securityvulnerability.io/vulnerability/CVE-2024-20127,Remote Denial of Service Vulnerability,"In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2023.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8321, Mt8666, Mt8667, Mt8673, Mt8678, Mt8765, Mt8766, Mt8766r, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8788e, Mt8791t, Mt8797, Mt8798, Mt8863t",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-02T03:06:58.549Z,0 CVE-2024-20128,https://securityvulnerability.io/vulnerability/CVE-2024-20128,Possible Out of Bounds Read Leads to Remote Denial of Service,"In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2024.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8321, Mt8666, Mt8667, Mt8673, Mt8678, Mt8765, Mt8766, Mt8766r, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8788e, Mt8791t, Mt8797, Mt8798, Mt8863t",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-02T03:06:56.942Z,0 CVE-2024-20129,https://securityvulnerability.io/vulnerability/CVE-2024-20129,Possible Out-of-Bounds Read Leads to Remote Denial of Service,"This vulnerability in MediaTek's telephony software arises from a missing bounds check, potentially allowing unauthorized remote access that could lead to a denial of service. Notably, exploitation requires no user interaction, highlighting the severity of the issue. Affected users are urged to apply the patch ID ALPS09289881 to mitigate risks associated with this security flaw.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8321, Mt8666, Mt8667, Mt8673, Mt8678, Mt8765, Mt8766, Mt8766r, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8788e, Mt8791t, Mt8797, Mt8798, Mt8863t",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-12-02T03:06:55.338Z,0 CVE-2024-20125,https://securityvulnerability.io/vulnerability/CVE-2024-20125,Possible Out of Bounds Write Could Lead to Local Escalation of Privilege,"In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.",MediaTek,"Mt6580, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt8175, Mt8195, Mt8321, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-02T03:06:53.482Z,0 CVE-2024-20108,https://securityvulnerability.io/vulnerability/CVE-2024-20108,Possible Out of Bounds Write Leads to Local Escalation of Privilege,"In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8792, Mt8795t, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-04T01:48:43.978Z,0 CVE-2024-20088,https://securityvulnerability.io/vulnerability/CVE-2024-20088,Possible Local Information Disclosure through Missing Bounds Check,"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543.",MediaTek,"Mt6765, Mt6768, Mt6781, Mt6833, Mt6835, Mt6855, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6983, Mt6985, Mt6989, Mt8321, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8792, Mt8796",4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-02T02:07:36.385Z,0 CVE-2023-32871,https://securityvulnerability.io/vulnerability/CVE-2023-32871,Possible Permission Bypass in DA Product Could Lead to Local Escalation of Privilege,"A permission bypass vulnerability has been identified in MediaTek's products caused by an incorrect status check mechanism. This flaw allows an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. Such vulnerabilities pose risks as they could be exploited to increase the privileges of a user or process beyond intended limitations, potentially leading to unauthorized access and control over the affected systems. Users and organizations utilizing MediaTek's products are advised to apply the necessary security patch identified as ALPS08355514 to mitigate this risk.",MediaTek,"Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6893, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-06T02:51:52.075Z,0 CVE-2024-20057,https://securityvulnerability.io/vulnerability/CVE-2024-20057,Possible Out of Bounds Write Leads to Local Escalation of Privilege,"In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID: ALPS08587881.",MediaTek,"Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6983, Mt8321, Mt8385, Mt8755, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8792, Mt8795t, Mt8796",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-06T02:51:48.972Z,0 CVE-2024-20039,https://securityvulnerability.io/vulnerability/CVE-2024-20039,Possible Out of Bounds Write in Modem Protocol Could Lead to Remote Code Execution,"In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.",MediaTek,"Mt2731, Mt2735, Mt2737, Mt3967, Mt6297, Mt6298, Mt6739, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6785u, Mt6789, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983, Mt6985, Mt6986, Mt6986d, Mt6989, Mt6990, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8791, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-01T03:15:00.000Z,0 CVE-2024-20050,https://securityvulnerability.io/vulnerability/CVE-2024-20050,Flashc Information Disclosure Vulnerability,"In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541757.",MediaTek,"Mt2713, Mt2737, Mt6781, Mt6789, Mt6835, Mt6855, Mt6879, Mt6880, Mt6886, Mt6890, Mt6895, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8168, Mt8173, Mt8175, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-01T03:15:00.000Z,0 CVE-2024-20051,https://securityvulnerability.io/vulnerability/CVE-2024-20051,Possible System Crash Due to Uncaught Exception,"In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.",MediaTek,"Mt2713, Mt2737, Mt6781, Mt6789, Mt6835, Mt6855, Mt6879, Mt6880, Mt6886, Mt6890, Mt6895, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8168, Mt8173, Mt8175, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-01T03:15:00.000Z,0 CVE-2024-20040,https://securityvulnerability.io/vulnerability/CVE-2024-20040,Possible Out-of-Bounds Write in WLAN Firmware Could Lead to Remote Escalation of Privilege,"In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.",MediaTek,"Mt2713, Mt6580, Mt6761, Mt6762, Mt6768, Mt6781, Mt6789, Mt6833, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt6989, Mt6990, Mt7902, Mt7915, Mt7916, Mt7920, Mt7921, Mt7922, Mt7925, Mt7927, Mt7981, Mt7986, Mt8188, Mt8195, Mt8370, Mt8390, Mt8395, Mt8518s, Mt8532, Mt8673, Mt8678, Mt8781, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-01T03:15:00.000Z,0 CVE-2024-20033,https://securityvulnerability.io/vulnerability/CVE-2024-20033,Possible Information Disclosure in NVRAM Due to Missing Bounds Check,"In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.",MediaTek,"Mt2713, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6789, Mt6835, Mt6855, Mt6879, Mt6883, Mt6885, Mt6886, Mt6893, Mt6895, Mt6983, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-04T02:43:48.493Z,0 CVE-2024-20032,https://securityvulnerability.io/vulnerability/CVE-2024-20032,Possible Permission Bypass Leads to Local Escalation of Privilege,"In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08487630; Issue ID: MSV-1020.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt6989, Mt8321, Mt8673, Mt8765, Mt8766, Mt8768, Mt8781, Mt8789, Mt8791, Mt8792, Mt8796",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-04T02:43:46.798Z,0 CVE-2024-20022,https://securityvulnerability.io/vulnerability/CVE-2024-20022,Possible Escalation of Privilege via Missing Bounds Check,"In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.",MediaTek,"Mt2737, Mt6789, Mt6835, Mt6855, Mt6879, Mt6880, Mt6886, Mt6890, Mt6895, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8796, Mt8797, Mt8798",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-04T02:43:30.832Z,0 CVE-2024-20015,https://securityvulnerability.io/vulnerability/CVE-2024-20015,Possible Escalation of Privilege via Permissions Bypass,"A vulnerability exists within MediaTek's telephony products that facilitates a local escalation of privilege due to a permissions bypass. This flaw allows attackers to gain higher privileges on the system without the necessity for additional execution privileges or user interaction. The issue highlights the importance of maintaining stringent security measures in telephony applications, especially in environments where comprehensive access controls are expected. The identified patch for this vulnerability is coded ALPS08441419. For more details on the patch and security guidelines, refer to the official MediaTek product security bulletin.",MediaTek,"MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6781, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8321, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:38.166Z,0 CVE-2024-20013,https://securityvulnerability.io/vulnerability/CVE-2024-20013,Possible Out of Bounds Write Could Lead to Local Escalation of Privilege,"In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:36.678Z,0 CVE-2024-20012,https://securityvulnerability.io/vulnerability/CVE-2024-20012,Possible Escalation of Privilege Vulnerability in keyInstall,"In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6895, MT6983, MT6985, MT8321, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:35.241Z,0 CVE-2024-20010,https://securityvulnerability.io/vulnerability/CVE-2024-20010,Possible Escalation of Privilege Vulnerability in keyInstall,"In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T05:59:30.948Z,0 CVE-2023-32872,https://securityvulnerability.io/vulnerability/CVE-2023-32872,Out of Bounds Write Vulnerability in MediaTek KeyInstall Component,"A vulnerability exists within the KeyInstall component of MediaTek due to a missing bounds check, enabling a possible out of bounds write. This flaw may allow a local attacker to escalate privileges to System execution privileges without requiring user interaction. Proper patching measures should be implemented promptly, particularly for versions prior to Patch ID ALPS08308607, to mitigate potential risks associated with this issue.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0 CVE-2023-32875,https://securityvulnerability.io/vulnerability/CVE-2023-32875,Information Disclosure Vulnerability in MediaTek KeyInstall Component,"The vulnerability in MediaTek’s keyInstall component results from a missing bounds check, enabling a potential information disclosure. This issue allows attackers to gain unauthorized access to sensitive data, requiring system execution privileges to exploit. The vulnerability does not necessitate user interaction, raising concerns for local information security. Affected systems should prioritize implementing the patch ID ALPS08308607 to mitigate this risk.",MediaTek,"Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt8185, Mt8321, Mt8385, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0 CVE-2023-32876,https://securityvulnerability.io/vulnerability/CVE-2023-32876,Information Disclosure Vulnerability in MediaTek KeyInstall,"The vulnerability in MediaTek's KeyInstall component arises from a missing bounds check, which could lead to local information disclosure. This issue allows unauthorized access to sensitive information within the system, requiring system execution privileges for exploitation. No user interaction is necessary, making the vulnerability particularly concerning for users relying on the affected product. MediaTek has issued a patch to address this issue, and users are strongly advised to update their systems to mitigate potential risks.",MediaTek,"MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0 CVE-2023-32885,https://securityvulnerability.io/vulnerability/CVE-2023-32885,Memory Corruption Vulnerability in MediaTek Display DRM Products,"A vulnerability has been identified within the MediaTek display DRM that allows for potential memory corruption due to an inadequately implemented bounds check. This flaw may facilitate local privilege escalation, enabling attackers to execute actions with elevated system-level privileges. Crucially, user interaction is not a prerequisite for exploitation, which heightens the risk associated with this vulnerability. MediaTek recommends applying the relevant security patch (ALPS07780685) to mitigate any potential threats.",MediaTek,"MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8168, MT8188, MT8195, MT8766, MT8768, MT8781, MT8789, MT8791T, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0