cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32871,https://securityvulnerability.io/vulnerability/CVE-2023-32871,Possible Permission Bypass in DA Product Could Lead to Local Escalation of Privilege,"A permission bypass vulnerability has been identified in MediaTek's products caused by an incorrect status check mechanism. This flaw allows an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. Such vulnerabilities pose risks as they could be exploited to increase the privileges of a user or process beyond intended limitations, potentially leading to unauthorized access and control over the affected systems. Users and organizations utilizing MediaTek's products are advised to apply the necessary security patch identified as ALPS08355514 to mitigate this risk.",MediaTek,"Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6893, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-06T02:51:52.075Z,0
CVE-2024-20033,https://securityvulnerability.io/vulnerability/CVE-2024-20033,Possible Information Disclosure in NVRAM Due to Missing Bounds Check,"In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.",MediaTek,"Mt2713, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6789, Mt6835, Mt6855, Mt6879, Mt6883, Mt6885, Mt6886, Mt6893, Mt6895, Mt6983, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-04T02:43:48.493Z,0
CVE-2023-32884,https://securityvulnerability.io/vulnerability/CVE-2023-32884,Information Disclosure Vulnerability in MediaTek NetDagent,"A vulnerability exists in MediaTek's NetDagent due to improper bounds checking, leading to possible information disclosure. This issue may allow an attacker to escalate privileges locally with System execution rights. Exploitation of this vulnerability does not require user interaction, thus posing a significant threat to system integrity and user data. Affected versions have been patched under Patch ID ALPS07944011 to address this security concern.",MediaTek,"MT2713, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8192, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8696, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0
CVE-2023-32883,https://securityvulnerability.io/vulnerability/CVE-2023-32883,Out of Bounds Write Vulnerability in MediaTek Engineer Mode,"In MediaTek's Engineer Mode, an out of bounds write vulnerability has been identified due to a missing bounds check. This flaw allows for local escalation of privileges, potentially granting malicious entities access to system execution privileges. Importantly, this vulnerability does not require user interaction for exploitation, making it a significant security concern. MediaTek has released a patch identified as ALPS08282249 to address this issue. It is crucial for users of affected MediaTek products to apply the latest updates to mitigate potential risks associated with this vulnerability.",MediaTek,"MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-02T03:15:00.000Z,0
CVE-2023-32847,https://securityvulnerability.io/vulnerability/CVE-2023-32847,Out of Bounds Write Vulnerability in MediaTek Audio Systems,"This vulnerability in MediaTek audio systems occurs due to a missing bounds check, allowing a potential out of bounds write. Exploitation requires user interaction and can lead to a local escalation of privilege without the need for additional execution privileges. Mitigation strategies should be implemented promptly to enhance security against this vulnerability.",MediaTek,"MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-12-04T04:15:00.000Z,0
CVE-2023-32859,https://securityvulnerability.io/vulnerability/CVE-2023-32859,Buffer Overflow Vulnerability in MediaTek Products,"A buffer overflow vulnerability exists in the MediaTek product line due to a missing bounds check in meta processing. This flaw could allow an attacker to escalate privileges locally, gaining System execution privileges without requiring user interaction. Users are encouraged to apply the patch identified as ALPS08000473 to mitigate the risks associated with this vulnerability.",MediaTek,"Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8188t, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8390, Mt8395, Mt8666, Mt8675, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-04T04:15:00.000Z,0
CVE-2023-32827,https://securityvulnerability.io/vulnerability/CVE-2023-32827,Out of Bounds Write Vulnerability in MediaTek Camera Middleware,"A vulnerability exists in MediaTek's camera middleware that can result in an out of bounds write due to insufficient input validation. This flaw may allow attackers to escalate privileges locally, granting them system execution capabilities. Notably, exploitation does not require user interaction, making the vulnerability particularly concerning for system security. It's crucial for users and organizations leveraging MediaTek technology to apply the necessary patches to mitigate potential risks.",MediaTek,"Mt6879, Mt6886, Mt6895, Mt6983, Mt6985, Mt6989, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-02T03:15:00.000Z,0
CVE-2023-32822,https://securityvulnerability.io/vulnerability/CVE-2023-32822,Out of Bounds Write in MediaTek's FTM Component,"In the FTM component of MediaTek, a vulnerability exists that allows for an out of bounds write due to a missing bounds check. This flaw could potentially enable local escalation of privileges, requiring system execution rights for exploitation. Notably, user interaction is not needed to exploit this vulnerability, which highlights its potential impact on system security.",MediaTek,"Mt2713, Mt6739, Mt6761, Mt6762, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6833, Mt6835, Mt6855, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6891, Mt6893, Mt6895, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8175, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8797, Mt8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-02T03:15:00.000Z,0
CVE-2023-32826,https://securityvulnerability.io/vulnerability/CVE-2023-32826,Out of Bounds Write Vulnerability in MediaTek Camera Middleware,"A vulnerability in MediaTek's camera middleware allows for an out-of-bounds write due to insufficient input validation. This security flaw can enable an attacker to escalate privileges locally, granting system execution capabilities. Importantly, the exploitation of this vulnerability does not require any user interaction, making it a serious concern for users of the affected products. Affected users are advised to apply the latest patches to mitigate potential risks.",MediaTek,"Mt6879, Mt6886, Mt6895, Mt6983, Mt6985, Mt6989, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-02T03:15:00.000Z,0
CVE-2023-20821,https://securityvulnerability.io/vulnerability/CVE-2023-20821,Out of Bounds Write Vulnerability in MediaTek NVRAM,"A vulnerability exists in MediaTek's NVRAM that allows for an out of bounds write due to a lack of sufficient bounds checking. This weakness could enable an attacker to perform local privilege escalation, potentially allowing unauthorized access to System execution privileges. Notably, user interaction is not required for the exploitation of this flaw, posing a risk in environments where the affected systems are utilized.",MediaTek,"Mt2713, Mt2735, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-04T03:15:00.000Z,0
CVE-2023-20832,https://securityvulnerability.io/vulnerability/CVE-2023-20832,Out of Bounds Write Vulnerability in Mediatek GPS Software,"A vulnerability exists in Mediatek's GPS software, characterized by an out of bounds write due to a missing bounds check. This flaw could allow local escalation of privilege, requiring system execution permissions for exploitation. Notably, user interaction is not necessary for an attacker to leverage this vulnerability. Affected users should apply patches promptly to mitigate any potential risks.",MediaTek,"Mt2735, Mt6761, Mt6762, Mt6765, Mt6768, Mt6769, Mt6779, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8175, Mt8195, Mt8362a, Mt8365",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-04T03:15:00.000Z,0
CVE-2023-20790,https://securityvulnerability.io/vulnerability/CVE-2023-20790,Out of Bounds Write Vulnerability in NVRAM by MediaTek,"A potential out of bounds write vulnerability exists in the NVRAM component of MediaTek products. This flaw arises from a missing bounds check, which can lead to local information disclosure, necessitating system execution privileges for exploitation. Notably, user interaction is not required for the attack, allowing it to be executed without prior consent from the user. A patch has been issued to address this vulnerability, emphasizing the importance of maintaining updated software to safeguard against potential exploits.",MediaTek,"Mt2713, Mt2735, Mt2737, Mt6739, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20786,https://securityvulnerability.io/vulnerability/CVE-2023-20786,Out of Bounds Write Vulnerability in MediaTek GPS Components,"An out of bounds write vulnerability has been discovered in MediaTek's GPS components, resulting from a missing bounds check. This flaw could potentially allow an attacker to escalate local privileges to system execution level without requiring any user interaction. Affected systems should be patched promptly to mitigate this risk. For more details and to obtain the patch, please refer to MediaTek's product security bulletin.",MediaTek,"Mt2713, Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6983, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8175, Mt8188, Mt8195, Mt8362a, Mt8365, Mt8673",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20750,https://securityvulnerability.io/vulnerability/CVE-2023-20750,Out of Bounds Write Vulnerability in MediaTek Products,"A vulnerability exists in MediaTek's SWPM due to a race condition that can lead to an out of bounds write. This flaw can allow an attacker to gain access to local information, requiring system execution privileges for exploitation. Importantly, user interaction is not required, making this a potential risk for systems running affected versions. Users and administrators are encouraged to apply the necessary patches to mitigate this risk.",MediaTek,"MT6835, MT6886, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797",4.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20751,https://securityvulnerability.io/vulnerability/CVE-2023-20751,Potential Out of Bounds Write Vulnerability in MediaTek Key Management Component,"A vulnerability exists in the key management component of MediaTek products, where a missing bounds check can lead to an out of bounds write condition. This security flaw may allow an attacker to escalate privileges locally, gaining system execution capabilities without needing user interaction. Remediation is available through a dedicated patch from MediaTek.",MediaTek,"MT8167, MT8167S, MT8168, MT8175, MT8195, MT8362A, MT8365",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20752,https://securityvulnerability.io/vulnerability/CVE-2023-20752,Out of Bounds Write Vulnerability in MediaTek KeyManagement Product,"A vulnerability exists in MediaTek's KeyManagement product that allows for an out of bounds write due to missing bounds checks. This flaw can potentially lead to local privilege escalation with system-level execution privileges. Importantly, exploitation can occur without requiring user interaction, which heightens the risk of unauthorized access and control over vulnerable systems. MediaTek has acknowledged this issue and provided a patch under Patch ID: ALPS07826586, urging users to update their systems to mitigate this potential threat.",MediaTek,"MT8167, MT8167S, MT8168, MT8175, MT8195, MT8362A, MT8365",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20749,https://securityvulnerability.io/vulnerability/CVE-2023-20749,Out of Bounds Write Vulnerability in SWPM by MediaTek,"A vulnerability exists in the SWPM product by MediaTek that allows for out-of-bounds writes due to inadequate bounds checking. This flaw could facilitate local privilege escalation, requiring system execution privileges for exploitation. Unlike other vulnerabilities, this one does not require user interaction, making it a significant risk for affected systems. MediaTek has provided a patch identified as ALPS07780926 to address this issue.",MediaTek,"MT6789, MT6835, MT6855, MT6879, MT6886, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20655,https://securityvulnerability.io/vulnerability/CVE-2023-20655,Privilege Escalation Vulnerability in MediaTek mmsdk Product,"A vulnerability exists in the MediaTek mmsdk due to a parcel format mismatch, which might allow local code execution without requiring additional execution privileges or user interaction. This flaw can be exploited by attackers to gain unauthorized access to system resources, posing a significant security risk. Users of affected versions are advised to apply the recommended patches promptly to safeguard their systems.",MediaTek,"MT2715, MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-04-06T00:00:00.000Z,0
CVE-2022-20023,https://securityvulnerability.io/vulnerability/CVE-2022-20023,Bluetooth Flooding Vulnerability in MediaTek Devices,"This vulnerability involves a scenario where Bluetooth-enabled devices can be flooded with unexpected LMP_AU_rand packets, potentially causing the application to crash. With no additional execution privileges required, attackers can exploit this issue remotely, making user interaction unnecessary. This denial of service attack can compromise Bluetooth functionality, highlighting the need for timely updates and security patches to mitigate risks.",MediaTek,"Mt6580, Mt6630, Mt6735, Mt6737, Mt6739, Mt6750s, Mt6753, Mt6755s, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6833, Mt6853, Mt6853t, Mt6873, Mt6877, Mt6885, Mt6889, Mt6893, Mt7662t, Mt7663, Mt7668, Mt7915, Mt7920, Mt7921, Mt7922, Mt8163, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8183, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8362b, Mt8365, Mt8385, Mt8765, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8791, Mt8797",6.5,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2022-01-04T15:57:24.000Z,0