Lucene search

[email protected]NVD:CVE-2023-32890

HistoryJan 02, 2024 - 3:15 a.m.

CVE-2023-32890

2024-01-0203:15:08

CWE-20

[email protected]

web.nvd.nist.gov

modem

emm

vulnerability

denial of service

user interaction

input validation

system crash

remote

patch

issue

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

30.8%

JSON

In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).

Affected configurations

Nvd

Node

mediateklr13Match-

mediateknr15Match-

mediateknr16Match-

mediateknr17Match-

AND

mediatekmt2735Match-

mediatekmt6779Match-

mediatekmt6781Match-

mediatekmt6783Match-

mediatekmt6785Match-

mediatekmt6785tMatch-

mediatekmt6789Match-

mediatekmt6813Match-

mediatekmt6833Match-

mediatekmt6833pMatch-

mediatekmt6835Match-

mediatekmt6853Match-

mediatekmt6853tMatch-

mediatekmt6855Match-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6877Match-

mediatekmt6877tMatch-

mediatekmt6878Match-

mediatekmt6879Match-

mediatekmt6880Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6886Match-

mediatekmt6889Match-

mediatekmt6890Match-

mediatekmt6891Match-

mediatekmt6893Match-

mediatekmt6895Match-

mediatekmt6895tMatch-

mediatekmt6896Match-

mediatekmt6897Match-

mediatekmt6980Match-

mediatekmt6980dMatch-

mediatekmt6983tMatch-

mediatekmt6983wMatch-

mediatekmt6983zMatch-

mediatekmt6985Match-

mediatekmt6985tMatch-

mediatekmt6989Match-

mediatekmt6990Match-

VendorProductVersionCPE
mediateklr13-cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*
mediateknr15-cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
mediateknr16-cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
mediateknr17-cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
mediatekmt2735-cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
mediatekmt6779-cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
mediatekmt6781-cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
mediatekmt6783-cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*
mediatekmt6785-cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
mediatekmt6785t-cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	lr13	-	cpe:2.3:o:mediatek:lr13:-:::::::*
mediatek	nr15	-	cpe:2.3:o:mediatek:nr15:-:::::::*
mediatek	nr16	-	cpe:2.3:o:mediatek:nr16:-:::::::*
mediatek	nr17	-	cpe:2.3:o:mediatek:nr17:-:::::::*
mediatek	mt2735	-	cpe:2.3:h:mediatek:mt2735:-:::::::*
mediatek	mt6779	-	cpe:2.3:h:mediatek:mt6779:-:::::::*
mediatek	mt6781	-	cpe:2.3:h:mediatek:mt6781:-:::::::*
mediatek	mt6783	-	cpe:2.3:h:mediatek:mt6783:-:::::::*
mediatek	mt6785	-	cpe:2.3:h:mediatek:mt6785:-:::::::*
mediatek	mt6785t	-	cpe:2.3:h:mediatek:mt6785t:-:::::::*

Rows per page:

1-10 of 451

References

corp.mediatek.com/product-security-bulletin/April-2024

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

30.8%

JSON

Related for NVD:CVE-2023-32890

cvelist1 prion1 cve1 vulnrichment1