Lucene search

MediaTekCVELIST:CVE-2023-20819

HistoryOct 02, 2023 - 2:05 a.m.

CVE-2023-20819

2023-10-0202:05:25

MediaTek

www.cve.org

cdma

ppp

protocol

out of bounds write

vulnerability

remote escalation

privilege

missing bounds check

patch

issue id

moly01068234

alps08010003

AI Score

9.4

Confidence

High

EPSS

0.003

Percentile

68.6%

JSON

In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT2731, MT6570, MT6580, MT6595, MT6732, MT6735, MT6737, MT6737M, MT6738, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6795, MT6797, MT6799, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6983, MT6985, MT6989, MT8666, MT8666A, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8791, MT8791T, MT8797, MT8798",
    "versions": [
      {
        "version": "Modem LR11, LR12A, LR13, NR15, NR16, NR17",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/October-2023