An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | awus036nh_firmware | 5.1.25.0 |
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8163_firmware | - |
| mediatek | mt6625_firmware | - |
| mediatek | mt6577_firmware | - |
A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7620n_firmware | 1.06 |
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | linkit_software_development_kit | * |
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
In Boa, there is a possible information disclosure due to a missing permission check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
In Boa, there is a possible escalation of privilege due to a missing permission check. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | en7580_firmware | * |
| mediatek | en7528_firmware | * |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | modem | lr12a |
| mediatek | modem | lr13 |
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | modem | lr12a |
| mediatek | modem | lr13 |
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | modem | lr12a |
| mediatek | modem | lr13 |
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | modem | lr12a |
| mediatek | modem | lr13 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7610_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
| mediatek | mt7620_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7620_firmware | 7.4.0.0 |
| mediatek | mt7610_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-319,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr11 | - |
| mediatek | lr13 | - |
| mediatek | lr12 | - |
| mediatek | lr12a | - |
| mediatek | l9 | * |
| mediatek | nr15 | - |
MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L | 2.2 | 4.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.4.0.0 |
| mediatek | mt7628_firmware | 7.4.0.0 |
| mediatek | mt7629_firmware | 7.4.0.0 |
| mediatek | mt7622_firmware | 7.4.0.0 |
| mediatek | mt7612_firmware | 7.4.0.0 |
| mediatek | mt7615_firmware | 7.4.0.0 |
| mediatek | mt7603e_firmware | 7.4.0.0 |
| mediatek | mt7915_firmware | 7.4.0.0 |
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7615_firmware | 4.4.1.1 |
| mediatek | mt7622_firmware | 4.4.1.1 |
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr11 | - |
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | lr12 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
| mediatek | lr9 | - |
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr11 | - |
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | lr12 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
| mediatek | lr9 | - |
In httpclient, there is a possible out of bounds write due to uninitialized data. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WSAP00103831; Issue ID: WSAP00103831.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | 2.8.1 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8981_firmware | 7.6.2.3 |
| mediatek | mt7916_firmware | 7.6.2.3 |
| mediatek | mt7622_firmware | 7.6.2.3 |
| mediatek | mt7915_firmware | 7.6.2.3 |
| mediatek | mt7613_firmware | 7.6.2.3 |
| mediatek | mt7629_firmware | 7.6.2.3 |
| mediatek | mt7620_firmware | 7.6.2.3 |
| mediatek | mt7628_firmware | 7.6.2.3 |
| mediatek | mt7610_firmware | 7.6.2.3 |
| mediatek | mt7615_firmware | 7.6.2.3 |
| mediatek | mt7603_firmware | 7.6.2.3 |
| mediatek | mt7986_firmware | 7.6.2.3 |
| mediatek | mt7612_firmware | 7.6.2.3 |
In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7682_firmware | 7.6.6.0 |
| mediatek | mt7921_firmware | 7.6.6.0 |
| mediatek | mt5221_firmware | 7.6.6.0 |
| mediatek | mt7902_firmware | 7.6.6.0 |
| mediatek | mt8365_firmware | 7.6.6.0 |
| mediatek | mt7915_firmware | 7.6.6.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7668_firmware | 7.6.6.0 |
| mediatek | mt8385_firmware | 7.6.6.0 |
| mediatek | mt8788_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7686_firmware | 7.6.6.0 |
| mediatek | mt8532_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7663_firmware | 7.6.6.0 |
| mediatek | mt8518s_firmware | 7.6.6.0 |
| mediatek | mt8362a_firmware | 7.6.6.0 |
| mediatek | mt7697_firmware | 7.6.6.0 |
| mediatek | mt8167s_firmware | 7.6.6.0 |
| mediatek | mt8696_firmware | 7.6.6.0 |
| mediatek | mt8175_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7933_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7687_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt8695_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7682_firmware | 7.6.6.0 |
| mediatek | mt7921_firmware | 7.6.6.0 |
| mediatek | mt5221_firmware | 7.6.6.0 |
| mediatek | mt7902_firmware | 7.6.6.0 |
| mediatek | mt8365_firmware | 7.6.6.0 |
| mediatek | mt7915_firmware | 7.6.6.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7668_firmware | 7.6.6.0 |
| mediatek | mt8385_firmware | 7.6.6.0 |
| mediatek | mt8788_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7686_firmware | 7.6.6.0 |
| mediatek | mt8532_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7663_firmware | 7.6.6.0 |
| mediatek | mt8518s_firmware | 7.6.6.0 |
| mediatek | mt8362a_firmware | 7.6.6.0 |
| mediatek | mt7697_firmware | 7.6.6.0 |
| mediatek | mt8167s_firmware | 7.6.6.0 |
| mediatek | mt8696_firmware | 7.6.6.0 |
| mediatek | mt8175_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7933_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7687_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt8695_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7682_firmware | 7.6.6.0 |
| mediatek | mt7921_firmware | 7.6.6.0 |
| mediatek | mt5221_firmware | 7.6.6.0 |
| mediatek | mt7902_firmware | 7.6.6.0 |
| mediatek | mt8365_firmware | 7.6.6.0 |
| mediatek | mt7915_firmware | 7.6.6.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7668_firmware | 7.6.6.0 |
| mediatek | mt8385_firmware | 7.6.6.0 |
| mediatek | mt8788_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7686_firmware | 7.6.6.0 |
| mediatek | mt8532_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7663_firmware | 7.6.6.0 |
| mediatek | mt8518s_firmware | 7.6.6.0 |
| mediatek | mt8362a_firmware | 7.6.6.0 |
| mediatek | mt7697_firmware | 7.6.6.0 |
| mediatek | mt8167s_firmware | 7.6.6.0 |
| mediatek | mt8696_firmware | 7.6.6.0 |
| mediatek | mt8175_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7933_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7687_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt8695_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7915_firmware | 7.6.6.0 |
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7915_firmware | 7.6.6.0 |
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt8518s_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt7915_firmware | 7.6.6.0 |
| thelinuxfoundation | yocto | 3.1 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| thelinuxfoundation | yocto | 3.3 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
| mediatek | mt8532_firmware | 7.6.6.0 |
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt8167s_firmware | 7.6.6.1 |
| mediatek | mt7916_firmware | 7.6.6.1 |
| mediatek | mt7986_firmware | 7.6.6.1 |
| mediatek | mt7615_firmware | 7.6.6.1 |
| mediatek | mt7628_firmware | 7.6.6.1 |
| mediatek | mt8385_firmware | 7.6.6.1 |
| mediatek | mt7622_firmware | 7.6.6.1 |
| mediatek | mt7902_firmware | 7.6.6.1 |
| mediatek | mt5221_firmware | 7.6.6.1 |
| mediatek | mt7603_firmware | 7.6.6.1 |
| mediatek | mt8362a_firmware | 7.6.6.1 |
| mediatek | mt8532_firmware | 7.6.6.1 |
| mediatek | mt7921_firmware | 7.6.6.1 |
| mediatek | mt7915_firmware | 7.6.6.1 |
| mediatek | mt7613_firmware | 7.6.6.1 |
| mediatek | mt7629_firmware | 7.6.6.1 |
| mediatek | mt8175_firmware | 7.6.6.1 |
| mediatek | mt7668_firmware | 7.6.6.1 |
| mediatek | mt7981_firmware | 7.6.6.1 |
| mediatek | mt8365_firmware | 7.6.6.1 |
| mediatek | mt8518s_firmware | 7.6.6.1 |
| mediatek | mt8788_firmware | 7.6.6.1 |
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Patch ID: A20220004; Issue ID: OSBNB00140929.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | linkit_software_development_kit | * |
In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20220026; Issue ID: OSBNB00144124.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | linkit_software_development_kit | * |
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7613_firmware | 7.6.6.0 |
| mediatek | mt7628_firmware | 7.6.6.0 |
| mediatek | mt7603_firmware | 7.6.6.0 |
| mediatek | mt7916_firmware | 7.6.6.0 |
| mediatek | mt8365_firmware | 7.6.6.0 |
| mediatek | mt7915_firmware | 7.6.6.0 |
| linuxfoundation | yocto | 4.0 |
| mediatek | mt7622_firmware | 7.6.6.0 |
| mediatek | mt7615_firmware | 7.6.6.0 |
| mediatek | mt7986_firmware | 7.6.6.0 |
| mediatek | mt7629_firmware | 7.6.6.0 |
| mediatek | mt7981_firmware | 7.6.6.0 |
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | iot_yocto | 22.2 |
| android | 12.0 | |
| android | 11.0 | |
| android | 13.0 |
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | iot_yocto | 23.0 |
| android | 13.0 |
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr11 | - |
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
| nvd@nist.gov | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 13.0 |
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H | 0.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.1 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| openwrt | openwrt | 21.02.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 13.0 |
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 13.0 |
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 13.0 |
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linux | linux_kernel | 4.19 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 11.0 | |
| android | 13.0 | |
| linuxfoundation | yocto | 3.1 |
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | iot_yocto | 23.0 |
| android | 12.0 |
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.0 |
| android | 12.0 | |
| android | 13.0 | |
| linuxfoundation | yocto | 3.1 |
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| android | 12.0 | |
| android | 11.0 | |
| android | 13.0 | |
| mediatek | nr15 | - |
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01195812 (MSV-985).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_package | * |
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID: MSV-1012.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| mediatek | iot_yocto | 23.2 |
| android | 12.0 | |
| android | 13.0 |
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
In modem, there is a possible out of bounds write due to improper input invalidation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issue ID: MSV-1462.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05 |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05 |
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr12a | - |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr12a | - |
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 14.0 | |
| android | 12.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| mediatek | iot_yocto | 24.0 |
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 |
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 |
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 |
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 14.0 | |
| android | 15.0 | |
| linuxfoundation | yocto | 5.0 |
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05.0 |
| android | 13.0 |
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 14.0 | |
| android | 15.0 | |
| linuxfoundation | yocto | 5.0 |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| openwrt | openwrt | 23.05 |
In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 14.0 | |
| android | 15.0 | |
| linuxfoundation | yocto | 5.0 |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| openwrt | openwrt | 23.05 |
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 14.0 | |
| android | 15.0 | |
| linuxfoundation | yocto | 5.0 |
| mediatek | software_development_kit | * |
| android | 13.0 |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | lr12 | - |
| mediatek | nr17.r1 | - |
| mediatek | nr17.r2 | * |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 14.0 | |
| android | 15.0 | |
| linuxfoundation | yocto | 5.0 |
| mediatek | software_development_kit | * |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | lr12a | - |
| mediatek | nr16.r1.mp | - |
| mediatek | nr16.r2.mp | - |
| mediatek | nr16.r1.mp1mp2.mp | - |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397139; Issue ID: MSV-2188.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr15 | - |
In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00791311 / MOLY01067019; Issue ID: MSV-2721.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr12a | - |
| mediatek | nr16 | - |
| mediatek | nr13 | - |
| mediatek | nr15 | - |
In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00396437; Issue ID: MSV-2184.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05 |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt6765_firmware | - |
| mediatek | mt6875_firmware | - |
| mediatek | mt6877tt_firmware | - |
| mediatek | mt6878m_firmware | - |
| mediatek | mt6893_firmware | - |
| mediatek | mt8676_firmware | - |
| mediatek | mt6785t_firmware | - |
| mediatek | mt2735_firmware | - |
| mediatek | mt6763_firmware | - |
| mediatek | mt6891_firmware | - |
| mediatek | mt6768_firmware | - |
| mediatek | mt6855t_firmware | - |
| mediatek | mt6886_firmware | - |
| mediatek | mt6783_firmware | - |
| mediatek | mt6879_firmware | - |
| mediatek | mt6985_firmware | - |
| mediatek | mt8796_firmware | - |
| mediatek | mt6853_firmware | - |
| mediatek | mt8771_firmware | - |
| mediatek | mt8788e_firmware | - |
| mediatek | mt6739_firmware | - |
| mediatek | mt8675_firmware | - |
| mediatek | mt6769s_firmware | - |
| mediatek | mt6779_firmware | - |
| mediatek | mt6813_firmware | - |
| mediatek | mt6781_firmware | - |
| mediatek | mt6853t_firmware | - |
| mediatek | mt6989t_firmware | - |
| mediatek | mt8766_firmware | - |
| mediatek | mt6765t_firmware | - |
| mediatek | mt6769t_firmware | - |
| mediatek | mt6855_firmware | - |
| mediatek | mt8673_firmware | - |
| mediatek | mt8863_firmware | - |
| mediatek | mt6897_firmware | - |
| mediatek | mt6762_firmware | - |
| mediatek | mt6835t_firmware | - |
| mediatek | mt6983t_firmware | - |
| mediatek | mt6989_firmware | - |
| mediatek | mt6762m_firmware | - |
| mediatek | mt8765_firmware | - |
| mediatek | mt6896_firmware | - |
| mediatek | mt6762d_firmware | - |
| mediatek | mt8797_firmware | - |
| mediatek | mt8666_firmware | - |
| mediatek | mt6885_firmware | - |
| mediatek | mt6895tt_firmware | - |
| mediatek | mt6873_firmware | - |
| mediatek | mt8798_firmware | - |
| mediatek | mt6785u_firmware | - |
| mediatek | mt6890_firmware | - |
| mediatek | mt6895_firmware | - |
| mediatek | mt6880_firmware | - |
| mediatek | mt6833_firmware | - |
| mediatek | mt8788_firmware | - |
| mediatek | mt8791t_firmware | - |
| mediatek | mt6835_firmware | - |
| mediatek | mt8678_firmware | - |
| mediatek | mt8667_firmware | - |
| mediatek | mt6767_firmware | - |
| mediatek | mt2737_firmware | - |
| mediatek | mt6877_firmware | - |
| mediatek | mt6980_firmware | - |
| mediatek | mt6899_firmware | - |
| mediatek | mt6769z_firmware | - |
| mediatek | mt8781_firmware | - |
| mediatek | mt6878_firmware | - |
| mediatek | mt8786_firmware | - |
| mediatek | mt6769k_firmware | - |
| mediatek | mt6883_firmware | - |
| mediatek | mt6889_firmware | - |
| mediatek | mt6769_firmware | - |
| mediatek | mt6771_firmware | - |
| mediatek | mt6990_firmware | - |
| mediatek | mt6877t_firmware | - |
| mediatek | mt8768_firmware | - |
| mediatek | mt6761_firmware | - |
| mediatek | mt6833p_firmware | - |
| mediatek | mt6980d_firmware | - |
| mediatek | mt6785_firmware | - |
| mediatek | mt6875t_firmware | - |
| mediatek | mt6789_firmware | - |
| mediatek | mt6983_firmware | - |
| mediatek | mt6985t_firmware | - |
| mediatek | mt6991_firmware | - |
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H | 2.1 | 3.6 |
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7922_firmware | * |
| mediatek | mt7921_firmware | * |
| mediatek | mt7925_firmware | * |
| mediatek | mt7927_firmware | * |
| mediatek | mt7902_firmware | * |
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413200; Issue ID: MSV-3304.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7922_firmware | * |
| mediatek | mt7921_firmware | * |
| mediatek | mt7925_firmware | * |
| mediatek | mt7927_firmware | * |
| mediatek | mt7902_firmware | * |
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413202; Issue ID: MSV-3303.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| mediatek | mt7993_firmware | 7.6.7.2 |
| mediatek | mt7986_firmware | 7.6.7.2 |
| openwrt | openwrt | 19.07.0 |
| mediatek | mt7981_firmware | 7.6.7.2 |
| mediatek | software_development_kit | * |
| mediatek | mt7916_firmware | 7.6.7.2 |
| openwrt | openwrt | 23.05 |
| mediatek | mt7990_firmware | 7.6.7.2 |
| mediatek | mt7992_firmware | 7.6.7.2 |
| mediatek | mt7915_firmware | 7.6.7.2 |
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413201; Issue ID: MSV-3302.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7922_firmware | * |
| mediatek | mt7921_firmware | * |
| mediatek | mt7925_firmware | * |
| mediatek | mt7927_firmware | * |
| mediatek | mt7902_firmware | * |
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412240; Issue ID: MSV-3293.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | * |
In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412256; Issue ID: MSV-3284.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | * |
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418044; Issue ID: MSV-3482.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | * |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 4.0 |
| openwrt | openwrt | 21.02.0 |
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| openwrt | openwrt | 23.05 |
In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| openwrt | openwrt | 23.05 |
In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| android | 14.0 | |
| android | 15.0 | |
| mediatek | software_development_kit | * |
| android | 13.0 | |
| openwrt | openwrt | 23.05 |
In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01516959; Issue ID: MSV-3502.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr17 | - |
| mediatek | nr17r | - |
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415809; Issue ID: MSV-3405.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418785; Issue ID: MSV-3515.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422399; Issue ID: MSV-3748.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422323; Issue ID: MSV-3810.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05 |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432661; Issue ID: MSV-3904.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432659; Issue ID: MSV-3902.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421152; Issue ID: MSV-3731.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421149; Issue ID: MSV-3728.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00419946; Issue ID: MSV-3582.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418955; Issue ID: MSV-3570.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418954; Issue ID: MSV-3569.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10089545; Issue ID: MSV-4279.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | iot_yocto | 25.0 |
| android | 14.0 | |
| android | 15.0 | |
| android | 13.0 | |
| android | 16.0 |
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418894; Issue ID: MSV-3475.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672598; Issue ID: MSV-4622.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672601; Issue ID: MSV-4623.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |
In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00447115; Issue ID: MSV-4276.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | 3.7 |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-4153.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | 0.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441511; Issue ID: MSV-4140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00441509; Issue ID: MSV-4138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441507; Issue ID: MSV-4112.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435349; Issue ID: MSV-4051.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435347; Issue ID: MSV-4049.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435343; Issue ID: MSV-4040.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435342; Issue ID: MSV-4039.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435340; Issue ID: MSV-4038.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan STA driver, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435337; Issue ID: MSV-4036.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00434422; Issue ID: MSV-3958.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00432680; Issue ID: MSV-3949.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.0 | HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.1 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432679; Issue ID: MSV-3950.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661199; Issue ID: MSV-4296.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689252; Issue ID: MSV-4841.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00628396; Issue ID: MSV-4775.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673751; Issue ID: MSV-4644.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673755; Issue ID: MSV-4647.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr15 | - |
In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr17 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01677581; Issue ID: MSV-4701.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738310; Issue ID: MSV-5933.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00693083; Issue ID: MSV-5928.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689254 (Note: For N15 and NR16) / MOLY01689259 (Note: For NR17 and NR17R); Issue ID: MSV-4843.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689248; Issue ID: MSV-4837.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01688495; Issue ID: MSV-4818.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01726634; Issue ID: MSV-5728.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
| mediatek | nbiot_sdk | * |
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738293; Issue ID: MSV-5922.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr15 | - |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | nr17r | - |
| mediatek | nr15 | - |
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | * |
In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openwrt | openwrt | 21.02.0 |
| openwrt | openwrt | 19.07.0 |
| mediatek | software_development_kit | * |
| openwrt | openwrt | 23.05.0 |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr13 | - |
| mediatek | nr16 | - |
| mediatek | nr17 | - |
| mediatek | lr12a | - |
| mediatek | nr15 | - |