Lucene search

[email protected]NVD:CVE-2023-32888

HistoryJan 02, 2024 - 3:15 a.m.

CVE-2023-32888

2024-01-0203:15:08

CWE-787

[email protected]

web.nvd.nist.gov

modem ims call ua

out of bounds write

remote denial of service

missing bounds check

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

34.4%

JSON

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).

Affected configurations

Nvd

Node

mediateknr15Match-

mediateknr16Match-

mediateknr17Match-

AND

mediatekmt2735Match-

mediatekmt6813Match-

mediatekmt6833Match-

mediatekmt6833pMatch-

mediatekmt6835Match-

mediatekmt6853Match-

mediatekmt6853tMatch-

mediatekmt6855Match-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6877Match-

mediatekmt6877tMatch-

mediatekmt6878Match-

mediatekmt6879Match-

mediatekmt6880Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6886Match-

mediatekmt6889Match-

mediatekmt6890Match-

mediatekmt6891Match-

mediatekmt6893Match-

mediatekmt6895Match-

mediatekmt6895tMatch-

mediatekmt6896Match-

mediatekmt6897Match-

mediatekmt6980Match-

mediatekmt6980dMatch-

mediatekmt6983tMatch-

mediatekmt6983wMatch-

mediatekmt6983zMatch-

mediatekmt6985Match-

mediatekmt6985tMatch-

mediatekmt6989Match-

mediatekmt6990Match-

VendorProductVersionCPE
mediateknr15-cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
mediateknr16-cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
mediateknr17-cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
mediatekmt2735-cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
mediatekmt6813-cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
mediatekmt6833-cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
mediatekmt6833p-cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*
mediatekmt6835-cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
mediatekmt6853-cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
mediatekmt6853t-cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	nr15	-	cpe:2.3:o:mediatek:nr15:-:::::::*
mediatek	nr16	-	cpe:2.3:o:mediatek:nr16:-:::::::*
mediatek	nr17	-	cpe:2.3:o:mediatek:nr17:-:::::::*
mediatek	mt2735	-	cpe:2.3:h:mediatek:mt2735:-:::::::*
mediatek	mt6813	-	cpe:2.3:h:mediatek:mt6813:-:::::::*
mediatek	mt6833	-	cpe:2.3:h:mediatek:mt6833:-:::::::*
mediatek	mt6833p	-	cpe:2.3:h:mediatek:mt6833p:-:::::::*
mediatek	mt6835	-	cpe:2.3:h:mediatek:mt6835:-:::::::*
mediatek	mt6853	-	cpe:2.3:h:mediatek:mt6853:-:::::::*
mediatek	mt6853t	-	cpe:2.3:h:mediatek:mt6853t:-:::::::*

Rows per page:

1-10 of 381

References

corp.mediatek.com/product-security-bulletin/January-2024

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

34.4%

JSON

Related for NVD:CVE-2023-32888

prion1 cvelist1 cve1