Lucene search

[email protected]NVD:CVE-2023-20702

HistoryNov 06, 2023 - 4:15 a.m.

CVE-2023-20702

2023-11-0604:15:07

[email protected]

web.nvd.nist.gov

nrlc

memory access

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

34.4%

JSON

In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.

Affected configurations

Nvd

Node

mediatekmt6835Match-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6879Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6886Match-

mediatekmt6889Match-

mediatekmt6895Match-

mediatekmt6980Match-

mediatekmt6983Match-

mediatekmt6985Match-

mediatekmt6990Match-

mediatekmt8673Match-

mediatekmt8675Match-

mediatekmt8791Match-

mediatekmt8791tMatch-

mediatekmt8797Match-

mediatekmt8798Match-

AND

mediateknr15Match-

mediateknr16Match-

mediateknr17Match-

VendorProductVersionCPE
mediatekmt6835-cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
mediatekmt6873-cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
mediatekmt6875-cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
mediatekmt6879-cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
mediatekmt6883-cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
mediatekmt6885-cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
mediatekmt6886-cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
mediatekmt6889-cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
mediatekmt6895-cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
mediatekmt6980-cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	mt6835	-	cpe:2.3:h:mediatek:mt6835:-:::::::*
mediatek	mt6873	-	cpe:2.3:h:mediatek:mt6873:-:::::::*
mediatek	mt6875	-	cpe:2.3:h:mediatek:mt6875:-:::::::*
mediatek	mt6879	-	cpe:2.3:h:mediatek:mt6879:-:::::::*
mediatek	mt6883	-	cpe:2.3:h:mediatek:mt6883:-:::::::*
mediatek	mt6885	-	cpe:2.3:h:mediatek:mt6885:-:::::::*
mediatek	mt6886	-	cpe:2.3:h:mediatek:mt6886:-:::::::*
mediatek	mt6889	-	cpe:2.3:h:mediatek:mt6889:-:::::::*
mediatek	mt6895	-	cpe:2.3:h:mediatek:mt6895:-:::::::*
mediatek	mt6980	-	cpe:2.3:h:mediatek:mt6980:-:::::::*

Rows per page:

1-10 of 221

References

corp.mediatek.com/product-security-bulletin/November-2023

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

34.4%

JSON

Related for NVD:CVE-2023-20702

cve1 cvelist1 prion1 vulnrichment1