Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-37570

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Dec, 2021 | 23:23
Updated At-04 Aug, 2024 | 01:23
Rejected At-
Credits

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Dec, 2021 | 23:23
Updated At:04 Aug, 2024 | 01:23
Rejected At:
▼CVE Numbering Authority (CNA)

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
3.18.2HIGH
CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:U/UI:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300
x_refsource_MISC
https://corp.mediatek.com/product-security-bulletin/January-2022
x_refsource_CONFIRM
Hyperlink: https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300
Resource:
x_refsource_MISC
Hyperlink: https://corp.mediatek.com/product-security-bulletin/January-2022
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300
x_refsource_MISC
x_transferred
https://corp.mediatek.com/product-security-bulletin/January-2022
x_refsource_CONFIRM
x_transferred
Hyperlink: https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://corp.mediatek.com/product-security-bulletin/January-2022
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Dec, 2021 | 00:15
Updated At:06 Jan, 2022 | 15:24

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
MediaTek Inc.
mediatek
>>mt7603e_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7603e>>-
cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7613_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7613>>-
cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7615_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7615>>-
cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7622_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7622>>-
cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7628_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7628>>-
cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7629_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7629>>-
cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7915_firmware>>2.0.2
cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7915>>-
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://corp.mediatek.com/product-security-bulletin/January-2022cve@mitre.org
Vendor Advisory
https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300cve@mitre.org
Third Party Advisory
Hyperlink: https://corp.mediatek.com/product-security-bulletin/January-2022
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

917Records found
CVE-2023-20798
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.72%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07147572; Issue ID: ALPS07421076.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6985mt8188androidmt6886mt8395mt8673mt6983mt8195mt2713mt6879MT2713, MT6855, MT6879, MT6886, MT6895, MT6983, MT6985, MT8188, MT8195, MT8395, MT8673
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2023-20846
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 2.91%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:27
Updated-08 Oct, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6895linux_kernelmt8188androidmt8395mt6983iot_yoctoyoctomt6897mt8781mt8195MT6895, MT6897, MT6983, MT8188, MT8195, MT8395, MT8781
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20836
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:27
Updated-08 Oct, 2024 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505629; Issue ID: ALPS07505629.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6785mt6893mt6771androidmt6833mt8768mt6885mt8788mt6877mt6768mt6779mt6762mt6781mt6765mt6853MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6877, MT6885, MT6893, MT8768, MT8788
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20674
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.91%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552.

Action-Not Available
Vendor-yoctoprojectGoogle LLCLinux Kernel Organization, IncMediaTek Inc.
Product-linux_kernelmt6781mt6855mt6983mt8362amt5221mt8798mt8168mt8797mt6833mt6789mt8789mt8786mt8175mt8518mt8771mt8365mt8791tmt8675mt8766mt8167smt8532mt6895mt7921mt8385mt8695mt8781mt6877mt7902mt8169yoctomt7668mt6879mt7663mt8185androidmt8788mt8768MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20679
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.80%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453.

Action-Not Available
Vendor-yoctoprojectLinux Kernel Organization, IncMediaTek Inc.Google LLC
Product-androidmt7921mt8175mt7668mt8365mt8797mt8781mt7902mt8771mt6877mt8695mt8798mt6833mt8786mt8168mt8362amt8518yoctomt8385mt6789mt6879mt8185mt8788linux_kernelmt5221mt6983mt8768mt8675mt8789mt6895mt8532mt6781mt7663mt8766mt8169mt6855mt8167smt8791tMT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32641
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.55%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt8766androidmt6855mt6757mt8797mt6789mt6580mt8321mt6885mt6883mt8167mt6757cmt6781mt6873mt6768mt6853tmt6757chmt6761mt6891mt6895mt8362amt8768mt6737mt6833mt6889mt6731mt8168mt8185mt6769mt6893mt8173mt8765mt6771mt6757cdmt6877mt6879mt6983mt8781mt8675mt6785mt8365mt8666mt8786mt6763mt6739mt6762mt8791mt6779mt6735mt6875mt8385mt6765mt8788mt8791tmt6753mt6853MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32639
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.40%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8362amt8532mt8167sandroidmt6833mt8765mt6771mt6877mt6785mt8786mt6739mt8791mt8167mt8385mt6781mt8518smt6873mt6768mt6853MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT8167, MT8167S, MT8362A, MT8385, MT8518S, MT8532, MT8765, MT8786, MT8791
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32602
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.32%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8766mt8797mt6833mt8321androidmt8789mt8768mt8385mt8183mt8791tmt6983mt6883mt8765mt8185mt8786mt8675mt8791MT6833, MT6883, MT6983, MT8183, MT8185, MT8321, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20706
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.56%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6853tmt6889mt6873mt6893mt6891mt6853mt8183mt6883androidmt6877mt6875mt8195mt6879mt6885MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8195
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20845
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 2.91%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:27
Updated-08 Oct, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6895linux_kernelmt8188androidmt8395mt6983iot_yoctoyoctomt6897mt8195MT6895, MT6897, MT6983, MT8188, MT8195, MT8395
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20742
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.91%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6757cdmt6879mt6873mt6893mt8765mt6886mt8788mt8791tmt6983mt6765mt6757cmt6891mt6737mt6883mt6853tmt6835mt6739mt6757mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8781mt8766mt8786mt6985mt6771mt6833mt6885mt6735mt6753mt6762mt6877mt6781mt6853mt6895mt6789androidmt6757chmt6779mt6785mt6763MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20665
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.91%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628604.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6769mt8788mt6853mt6891mt6895mt6983mt8786mt6889mt6873mt8766mt8765mt6833mt6739mt6765mt6883mt6789mt8771mt6785mt6877mt6855mt8781mt6771mt6853tmt8795tmt8321mt8789mt6779mt6762mt6885mt6768mt6781mt6879mt6893mt8768mt6763mt8791tandroidmt8797mt6875mt8798mt6761mt8365MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8365, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26436
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.96%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In emi mpu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07023666; Issue ID: ALPS07023666.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895androidmt6983mt6879MT6855, MT6879, MT6895, MT6983
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26462
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.55%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032660; Issue ID: ALPS07032660.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6873mt6893androidmt6833mt6885mt8797mt6889mt6983mt8791mt6877mt6879mt6853mt6883MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26463
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.55%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032686; Issue ID: ALPS07032686.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6873mt6893androidmt6833mt6885mt8797mt6889mt6983mt8791mt6877mt6879mt6853mt6883MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21755
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 17:39
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6757cdmt8175mt6893mt6750mt6755smt8183mt6757cmt6765mt6891mt6737mt6883mt8696mt6853tmt6739mt8768mt6797mt6769mt6761mt6875mt6889mt8362amt8167smt8385mt6732mt6885mt6735mt6753mt6877mt8365mt6853mt8667mt6757chmt6785mt6731mt6873mt8675mt6799mt6763mt8788mt6880mt6757mt8789mt8797mt6768mt8786mt8766mt6755mt8695mt6890mt6771mt6758mt6833mt6750smt6762mt6795mt6781mt6895mt8168mt6789androidmt8185mt6779mt6752mt6879MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21778
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.19%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6785mt6873mt6779mt6853mt6893mt8168mt6891mt6771mt6877androidmt8365mt8385mt6853tmt8183mt8788mt8175mt6885MT6771, MT6779, MT6785, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6891, MT6893, MT8168, MT8175, MT8183, MT8365, MT8385, MT8788
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21791
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893androidmt6833mt6885mt6877mt6853MT6833, MT6853, MT6873, MT6877, MT6885, MT6893
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21747
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.60%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 17:35
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478078; Issue ID: ALPS06478078.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8765mt8167smt6771mt6833mt6885mt8788mt6781mt8365mt8167mt6853mt8168mt8768mt8789androidmt8797mt8362amt6779mt6785mt8786mt8766mt8173MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6885, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8362A, MT8365, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21769
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.76%
||
7 Day CHG~0.00%
Published-06 Jul, 2022 | 13:06
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CCCI, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641687.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt6580mt8788mt6983mt8666mt6765mt6883mt6737mt6739mt8768mt8789mt6761mt8797mt6889mt8321mt6768mt8786mt8766mt6771mt6833mt6885mt6735mt6753mt6877mt6781mt6853mt8667mt6895androidmt8791mt6779mt6785mt6879MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21746
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.60%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 17:29
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479698; Issue ID: ALPS06479698.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8167smt6771mt6833mt6885mt8788mt6781mt8365mt8167mt6853mt8168androidmt8362amt6779mt6785MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6885, MT6893, MT8167, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8788
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21790
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893androidmt6833mt6877mt6853MT6833, MT6853, MT6873, MT6877, MT6893
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21756
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 17:39
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8675mt8788mt6983mt8183mt6891mt6883mt8696mt6853tmt6880mt8768mt8789mt6875mt8797mt6889mt8362amt8786mt8766mt6985mt8695mt6890mt8167smt8385mt6833mt6885mt6877mt8365mt6853mt8667mt6895mt8168androidmt8185mt6879MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20065
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.12%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108658; Issue ID: ALPS06108658.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt8765mt8675mt6833mt6580mt6885mt8788mt6983mt6877mt6762mt6781mt6765mt6883mt6737mt8667mt6739mt8768mt8789androidmt6769mt6761mt6875mt6889mt8797mt8321mt6768mt6779mt6785mt8786mt8766MT6580, MT6737, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6983, MT8321, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20029
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.40%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8765mt8788mt8167mt6765mt8183mt6891mt6883mt6853tmt8768mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8362amt8786mt8766mt6771mt8385mt6833mt6885mt6877mt6762mt8365mt6853mt8168androidmt8791mt6779mt8163mt6785mt8735bmt6763mt8173MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20064
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.50%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6873mt6893mt8675mt8765mt6580mt8788mt6983mt6765mt6737mt6883mt6739mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8786mt8766mt6985mt6833mt6885mt6877mt6762mt6781mt6853mt8667mt6895mt6789androidmt6779mt6785mt6763MT6580, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT6985, MT8321, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20074
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.01% / 1.95%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt6763mt8788mt6983mt6765mt6891mt6883mt6853tmt6880mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8786mt8766mt6985mt8695mt6890mt8385mt6833mt6885mt6877mt6762mt6853mt8667mt6895androidmt8185mt8791mt6779mt6879MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20033
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.40%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862973; Issue ID: ALPS05862973.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6781mt8365mt8167mt6765mt6853mt6883mt6853tmt8168mt6739androidmt6761mt6889mt8362amt6768mt6779mt8173MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8362A, MT8365
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20092
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 19:58
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8385mt6833mt6885mt6983mt6877mt8183mt6853mt6883mt6895mt6853tandroidmt6761mt8797mt6889mt8185mt8791mt6768mt6779mt6785mt6879mt8173MT6761, MT6768, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8173, MT8175, MT8183, MT8185, MT8385, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32878
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.33%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:49
Updated-16 May, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6762mt6885mt8788mt8167mt6765mt8768mt8797mt8321mt6983mt6833mt8789mt8781mt8168mt8798mt8188mt8791tmt6879androidmt6883mt8786mt8765mt8766MT6762, MT6765, MT6833, MT6879, MT6883, MT6885, MT6983, MT8167, MT8168, MT8188, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32880
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.94%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:49
Updated-16 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8786mt8321mt6885mt8167mt8791tmt8781mt8168androidmt8788mt8789mt8797mt8765mt6883mt6833mt8766mt8768mt8188mt6765mt6762mt6983mt8798mt6879MT6762, MT6765, MT6833, MT6879, MT6883, MT6885, MT6983, MT8167, MT8168, MT8188, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32862
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.56%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt8188mt6833mt6886mt6885mt6983mt6877mt6781mt6765mt8195mt6853mt6883mt6895mt8168mt6789mt6835androidmt6761mt6889mt6768mt6779mt6785mt8781mt6879MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8168, MT8188, MT8195, MT8781
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32876
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.64%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:49
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6771mt6985mt6757cdmt8765mt8185mt8321mt6763mt6580mt6765mt6757mt6735mt6757chmt6785mt8667mt6855mt6893mt8797mt6889mt6757cmt6753mt6853mt8791mt6768mt8798mt6875mt6739mt6879mt6779mt6891mt8673mt6983mt8766mt8768mt8791tmt6781mt8789mt6877mt6853tmt8788mt6769mt6886mt8666mt8385mt6835mt6762mt8781mt8786mt6789mt6731androidmt6883mt8675mt6761mt6833mt6895mt6885mt6737MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32856
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.57%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-29 Aug, 2024 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6985mt6893mt8798mt8188androidmt6833mt6885mt8797mt6889mt6983mt6768mt8195mt6765mt6879mt6883MT6765, MT6768, MT6833, MT6879, MT6883, MT6885, MT6889, MT6893, MT6983, MT6985, MT8188, MT8195, MT8797, MT8798mt6985mt6893mt8798mt8188mt6833mt6885mt8797mt6889mt6983mt6768mt8195mt6765mt6879mt6883
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32825
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.78%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 03:50
Updated-05 Sep, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt8175mt6873mt6893mt8765mt6580mt6886mt8788mt8791tmt6983mt8666mt6765mt6883mt8390mt7921mt6835mt8768mt6761mt2713mt6889mt8797mt8321mt6768mt8781mt8766mt8786mt6985mt8188mt6833mt6885mt8673mt6877mt6781mt8365mt8195mt6853mt8667mt6895mt8168mt6789mt8798androidmt6779mt6785mt6879MT2713, MT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT7921, MT8168, MT8175, MT8188, MT8195, MT8321, MT8365, MT8390, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32816
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.41%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:28
Updated-08 Oct, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt8175mt6873mt6580mt6886mt6983mt8666mt6765mt6883mt6853tmt6835mt6739mt6761mt2713mt6889mt6768mt6985mt8188mt6833mt6885mt8673mt6877mt6855tmt6781mt8365mt8195mt6853mt8667mt6895mt8168mt6789androidmt6779mt6785mt6879MT2713, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32857
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.57%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6985mt6893mt8798mt8188androidmt6833mt6885mt8797mt6889mt6983mt6768mt8195mt6765mt6879mt6883MT6765, MT6768, MT6833, MT6879, MT6883, MT6885, MT6889, MT6893, MT6983, MT6985, MT8188, MT8195, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32815
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.41%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:28
Updated-08 Oct, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt8175mt6873mt2735mt6580mt6886mt6983mt8188tmt6765mt6883mt6853topenwrtmt6835mt6739mt6880mt6761mt2713mt6889mt6768mt6985mt6890mt8188mt6833mt6885yoctomt6877mt6855tmt6781mt8365mt8195mt6853mt6980mt6895mt8168mt6789androidmt6779mt6785mt6879MT2713, MT2735, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6895, MT6980, MT6983, MT6985, MT6990, MT8168, MT8175, MT8188, MT8188T, MT8195, MT8365
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20660
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.54%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:14
Updated-18 Apr, 2025 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt9972androidMT9972
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20661
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.54%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:14
Updated-14 Apr, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt9972MT9972
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20692
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.23%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 02:00
Updated-09 Jul, 2025 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-software_development_kitmt7622mt7663openwrtmt7916mt7981mt7615mt7915mt6890mt7986MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20662
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.54%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:14
Updated-14 Apr, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt9972MT9972
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32595
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.01%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 00:00
Updated-26 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt6769mt8765mt6853tmt6877mt6785mt6781mt6855mt6885mt6889mt6875mt6779mt8768mt8766mt8781mt6833mt6768mt6765androidmt6893mt8786mt8788mt8791mt6883mt6853mt8385mt6762mt8789mt6879mt6789mt6891mt8797mt6873MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0676
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8765mt8788mt8167mt6765mt8183mt6891mt6883mt8735amt6853tmt8768mt8789mt6769mt6875mt8797mt6889mt8321mt6768mt8362amt8786mt8766mt8167smt6771mt8385mt6833mt6885mt6877mt6762mt6781mt8365mt8195mt6853mt8168androidmt8185mt8791mt6779mt8163mt6785mt8771mt8735bmt8173MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0659
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.40%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687559; Issue ID: ALPS05687559.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6853tmt6893mt6891androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0622
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.25%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:55
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9631mt6757cdmt8175mt6893mt9688mt6580mt6755smt9670mt8183mt6765mt6757cmt6737mt9931mt6853tmt9970mt6739mt9652mt8768mt6761mt6889mt8362amt8321mt9256mt9980mt8167smt9675mt8385mt6885mt9285mt6735mt6753mt9632mt6877mt8365mt8195mt6853mt5527mt6757chmt9686mt8791mt6785mt9950mt8173mt6873mt8765mt8788mt5597mt8167mt9636mt8789mt5598mt6757mt9629mt8797mt9639mt6768mt8786mt8766mt9638mt6771mt9288mt6833mt9981mt9669mt9650mt9286mt6750smt6762mt9685mt8168androidmt8185mt5522mt5599mt6779mt8163mt6763MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-33050
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.68%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-immersive_home_214qca6595ipq6028_firmwareqca8081_firmwareqam8620p_firmwarewcd9340_firmwaresa8530pipq5028_firmwarewcd9395_firmwareqcn6024ar9380qcc710_firmwarefastconnect_6700qcn6422_firmwaresa4150pqcn5124_firmwarewsa8832_firmwareqca8337wcd9395qca6574au_firmwareipq8078a_firmwaresm6370qam8295pwcd9341ipq5312wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresnapdragon_778g\+_5g_firmwaresnapdragon_8\+_gen_2qcs5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pqca9880snapdragon_888\+_5g_firmwaresa8770pqcn9000sa8540psnapdragon_4_gen_2qcn6432video_collaboration_vc1_platformqep8111sa7255psm8635wcd9385_firmwaresnapdragon_778g_5gipq8074a_firmwareipq8076aqca6787aqsa6155pqcn9160qca6564au_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psxr2250p_firmwaresa6155p_firmwareipq8070a_firmwareqcn9070qca8084qca9367snapdragon_8_gen_2snapdragon_480\+_5g_firmwareqcc2076qca6574aqca6174asnapdragon_695_5g_firmwareqca9898_firmwarewcd9340qcs8250_firmwaretalynplussnapdragon_auto_5g_modem-rf_gen_2qcn6122_firmwareqcn5154_firmwareqca7500sm8550p_firmwareqcm8550sxr2250pipq4019qcn5122_firmwarewcn3988qcn9024qca6574snapdragon_x75_5g_modem-rf_systemqca6777aq_firmwareqamsrv1hqcn6412_firmwareqca8082qcs410sa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwaresa6145pimmersive_home_318_firmwareqcn6122sa8255p_firmwaresnapdragon_888\+_5gqcc2073qrb5165m_firmwaresa8650p_firmwareimmersive_home_216_firmwareqca9985immersive_home_316srv1l_firmwareipq8071aqcn6112snapdragon_782gqxm8083wcn3950_firmwareqrb5165nfastconnect_6200sm7325p_firmwarewcd9378video_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gqcn9072qcn6224_firmwareipq4028_firmwaresdx61_firmwareqca8082_firmwaresrv1limmersive_home_216srv1mar8035_firmwareqrb5165mqca4024_firmwareqca0000_firmwaresd888_firmwareqcs6125_firmwareqca9992_firmwareqca9990ipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwareqca8337_firmwaresnapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwareipq8173sm4635_firmwareipq6010_firmwarewcn3950snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwareipq5028qcf8001_firmwareqcn9070_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwareipq6018qcn9160_firmwaresd888wcn6755_firmwareipq8065snapdragon_662qcs7230ipq5302_firmwareqxm8083_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwareqca7500_firmwarewcn6755qca8075_firmwaresnapdragon_888_5g_firmwaresnapdragon_8\+_gen_2_firmwareqcf8000sdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqcn6402_firmwareqca6175a_firmwareqca6698aq_firmwareqca9367_firmwareqca8084_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareqcn5024snapdragon_8_gen_3qep8111_firmwareimmersive_home_326snapdragon_auto_5g_modem-rfflight_rb5_5g_firmwareipq4019_firmwaressg2125pcsra6640_firmwareqamsrv1msnapdragon_685_4g_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresnapdragon_480_5gipq8076_firmwareqam8620psnapdragon_x65_5g_modem-rf_systemqrb5165n_firmwarewcd9335_firmwarewcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwareipq8068csra6620qca8081wsa8815mdm9628qam8775pqca9377snapdragon_ar2_gen_1_firmwareqcm4325_firmwareqcn6412qca9888_firmwareqca9889snapdragon_8\+_gen_1_firmwareqca6175aqcn5024_firmwareimmersive_home_318ipq5010qcn9274_firmwareqcs5430_firmwaresg4150p_firmwarecsra6620_firmwareqcs8550ipq8068_firmwaresa8650pqam8775p_firmwarewcd9375qca9889_firmwaresnapdragon_ar2_gen_1sa8145pcsr8811qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn9022qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca6696wcd9341_firmwareqcc2073_firmwareipq8076wcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023snapdragon_695_5gsnapdragon_888_5gsnapdragon_x35_5g_modem-rf_system_firmwareqca9994_firmwareipq6000snapdragon_4_gen_2_firmwareipq8078asnapdragon_x72_5g_modem-rf_system_firmwareqca6574auwcd9390sa8620p_firmwarecsra6640srv1hqcn9100_firmwareqcn5122qca6554aqcn6024_firmwareqca9886_firmwareqcm5430qcm6125_firmwaressg2115pqcc710qcn6132_firmwaresnapdragon_x72_5g_modem-rf_systemqca6777aqfastconnect_6900qcn6402snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwareimmersive_home_326_firmwareipq5332_firmwareqcn5052qca9980qfw7114ipq9574_firmwareqam8255p_firmwareipq8064qcn5164sdx61qcs4490snapdragon_662_firmwarewsa8845qcm6125csr8811_firmwarewsa8810qca8085srv1h_firmwareqca6595ausm7315_firmwarewsa8840srv1m_firmwareqcs8550_firmwareqfw7124_firmwareqcn9012qcs4490_firmwareqcf8001snapdragon_680_4gsdx65mwcd9370_firmwaresa7255p_firmwareipq9570sa8195pqcm6490ipq5302sa8540p_firmwaresm6370_firmwareqcn9274ipq8076a_firmwaresa8775pipq9570_firmwaresxr2230p_firmwarear9380_firmwareipq4029_firmwareqcn9011sa8775p_firmwaresmart_audio_400qcn9024_firmwarewsa8845hsa6150psa8155p_firmwareqca6564aqcn9074_firmwareipq8174ipq8174_firmwarear8035ipq8072aqamsrv1m_firmwareqcm4325qcn6224qca6698aqsa7775p_firmwaressg2125p_firmwaresa8530p_firmwaresa8145p_firmwaresa8150p_firmwarefastconnect_6700_firmwarewcn3990ipq8078qcs6490qcs8250ipq9554_firmwarefastconnect_6200_firmwaresnapdragon_778g\+_5gwsa8830_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwaresnapdragon_7c\+_gen_3wsa8832wcd9378_firmwareqcc2076_firmwareqca9880_firmwareqca6678aqqcn6432_firmwareqcn5022_firmwareqca9992snapdragon_680_4g_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausm4635snapdragon_460sa8195p_firmwareqca9888ipq5332snapdragon_685_4gsg8275p_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwareqcm4490_firmwarevision_intelligence_400_firmwareqcn6112_firmwareqcs6125flight_rb5_5gqca8085_firmwareqca9886qcn6132qca6584auqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5300ipq8070asm8635_firmwarewcd9380ipq4028qam8255psa6145p_firmwaresxr2230psnapdragon_x62_5g_modem-rf_systemqca9990_firmwaresa8150pimmersive_home_3210qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x35_5g_modem-rf_systemsxr1230pipq6010sw5100qca6688aqqam8295p_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315qca6564a_firmwarewcd9385qca9994snapdragon_8_gen_1sxr1230p_firmwareipq4018sg8275psnapdragon_782g_firmwaresdx55_firmwareipq8071a_firmwareqca6554a_firmwareipq6028qcm4490snapdragon_4_gen_1qcn9100robotics_rb5snapdragon_480\+_5gipq4029qca6174a_firmwaresm7325pipq4018_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qfw7124qca6595au_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwaremdm9628_firmwareqca6797aqqcn5152ipq8065_firmwaresa8620pqca6574a_firmwaresdx55qcn9072_firmwareipq8074aimmersive_home_3210_firmwareqca6787aq_firmwaresd_8_gen1_5g_firmwareqca8386qca6391sa7775psnapdragon_7c\+_gen_3_firmwaresnapdragon_8_gen_3_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcd9375_firmwareipq8173_firmwareqcn9012_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwaresa8295pipq6000_firmwarefastconnect_7800ipq8078_firmwareqca6688aq_firmwarewcn3988_firmwareimmersive_home_316_firmwareqamsrv1h_firmwareqcn5154vision_intelligence_400wsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_w5\+_gen_1_wearableqcs610Snapdragonqcn5024_firmwareqam8255p_firmwareqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareipq4028_firmwaresg8275p_firmwareipq8173_firmwaremdm9628_firmwareqca6777aq_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareqca9880_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq5028_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqca0000_firmwareqcm5430_firmwareqcn5152_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcn3990_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqcn5124_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwaresa9000p_firmwaresm7315_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcm8550_firmwareipq8078a_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareipq8068_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqca9898_firmwareqcc710_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwareqca9992_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwareqcn5022_firmwaresa8295p_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwaresm4635_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca7500_firmwareqca9980_firmwareqcf8000_firmwarewcd9378_firmwareipq8076a_firmwarear9380_firmwareqcs7230_firmwaresa8530p_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwareqcn6402_firmwaresa8540p_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareipq4019_firmwaresm8635_firmwaressg2125p_firmwareqcn6132_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcc2076_firmwareipq8070a_firmwareqcn9274_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm7325p_firmwarewsa8845_firmwareqcn9160_firmwareqxm8083_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn6412_firmwaresw5100p_firmwareipq5332_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwareqca9886_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqca9990_firmwareqcn9072_firmwaresdx61_firmwareipq6000_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqca6175a_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-33073
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.18% / 40.26%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobile_platform_firmwareqcm8550_firmwareqcn9000_firmwareipq9574qca6595qcn9022ipq6028_firmwareimmersive_home_214_platformqca8081_firmwarewcd9370qca6696qam8620p_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareipq8076fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareimmersive_home_216_platformqca8337wcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwareqam8295psnapdragon_x72_5g_modem-rf_system_firmwareipq5312wcd9390qca6574ausa8620p_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqcn5122qca6554aqcs5430qcn6024_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwaresnapdragon_x72_5g_modem-rf_systemqcn6402fastconnect_6900qcn6432ipq5332_firmwaresa7255pqcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8076aipq8074a_firmwareqcn5164snapdragon_ar2_gen_1_platform_firmwareimmersive_home_3210_platform_firmwarewsa8845snapdragon_8\+_gen_2_mobile_platform_firmwaresa6155pqca6564au_firmwarecsr8811_firmwareqca8075video_collaboration_vc5_platform_firmwareqam8650psa9000psrv1h_firmwaresnapdragon_8\+_gen_2_mobile_platformqca8085qca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840srv1m_firmwareqcs8550_firmwareqfw7124_firmwareqcn9070ipq8070a_firmwaresnapdragon_8_gen_2_mobile_platformqcf8001qca8084snapdragon_8_gen_3_mobile_platformsdx65mwcd9370_firmwareqcc2076sa7255p_firmwareqca6574aipq9570sa8195pwcd9340qcs8250_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm6490ipq5302immersive_home_316_platform_firmwareqcn6122_firmwareqcn5154_firmwaresxr2250psm8550p_firmwareqcm8550immersive_home_3210_platformqcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwaresa8775p_firmwareqcn6412_firmwareqamsrv1hwsa8845hqcn9024_firmwareqca8082sa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174sa8255p_firmwareqcn6122ipq8174_firmwareqcc2073flight_rb5_5g_platform_firmwareipq8072aar8035qamsrv1m_firmwaresa8650p_firmwarerobotics_rb5_platformsrv1l_firmwareqcn6224ipq8071aqcn6112ssg2125p_firmwaresa7775p_firmwareqca6698aqqrb5165nfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareipq8078immersive_home_326_platform_firmwareqcs6490qcs8250ipq9554_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwareqca8386_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresrv1lsrv1mqcn6432_firmwareqca6678aqar8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwareipq9554ipq9008qca6564auipq9008_firmwareqcn9074ipq5300_firmwareimmersive_home_214_platform_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareflight_rb5_5g_platformqcn6112_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwareipq5028qca8085_firmwareqcn9070_firmwareqcf8001_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn6274_firmwareqca6584auqfw7114_firmwareqca4024qcs7230qca6595_firmwarefastconnect_7800_firmwareqcn6422ipq5302_firmwareimmersive_home_216_platform_firmwareipq5300ipq8070afastconnect_6900_firmwarewcd9380qam8255psxr2230pqca8075_firmwareqcf8000qcn5052_firmwaresxr1230pipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca6688aqqam8295p_firmwareqcn6402_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwareqcn5024sg8275psdx55_firmwareipq8071a_firmwaressg2125pqca6554a_firmwareipq6028qcn9100qamsrv1mimmersive_home_326_platformqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemipq8076_firmwareqam8620pqcn5152_firmwareqrb5165n_firmwareqca6584au_firmwareqcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000snapdragon_ar2_gen_1_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081qcn5124qam8775pqca6797aqqcn5152qcn6412sa8620psdx55qca6574a_firmwareqcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_318_platformqca9889qcn5024_firmwarewcd9375_firmwaresa7775pqca8386qca6391ipq5010qcn9274_firmwareipq8173_firmwareqcs5430_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8770p_firmwaresa8295probotics_rb5_platform_firmwareqcs8550ipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwarewcd9375qca6688aq_firmwareipq8078_firmwareqca9889_firmwareqamsrv1h_firmwareqcn5154immersive_home_316_platformwsa8835_firmwaressg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwaresxr2230p_firmwaresg8275p_firmwareipq8173_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_318_platform_firmwaresrv1l_firmwareipq5028_firmwareqca6595au_firmwareqcn5152_firmwareqca0000_firmwareqcm5430_firmwareqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8084_firmwareqcn5124_firmwareqam8295p_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwarewcd9375_firmwarewsa8845h_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqca6678aq_firmwaresa8775p_firmwarewsa8840_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwaresa7775p_firmwarefastconnect_6700_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwaresa8195p_firmwareqcn5022_firmwaresa8295p_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwareqcf8000_firmwareipq8076a_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareqcn6402_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwareqcn6132_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwareqca6574a_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqcn6274_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwareqcs8250_firmwarefastconnect_7800_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-33011
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.21%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610ipq4028_firmwareqca8337qfw7124sg8275p_firmwareipq8173_firmwarear9380qcf8001qam8775pqamsrv1msnapdragon_888_5g_mobile_platformqcn5124qca4024_firmwarewsa8840wcn3950_firmwareimmersive_home_318_platform_firmwareqxm8083ipq8078asa8150p_firmwareipq5028_firmwareqca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformcsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076aqca8386_firmwareimmersive_home_316_platform_firmwaremdm9628sd_8_gen1_5g_firmwareqca8084_firmwaresnapdragon_460_mobile_platformqcn6412qca6688aqsm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqcn5164_firmwareqca6574au_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwareqca7500wsa8840_firmwaresa4155p_firmwareqcs6125qca6698aqipq5028qcf8001_firmwareipq4029_firmwareipq6010ipq8068sdx65msa7775p_firmwarewcd9340snapdragon_8\+_gen_1_mobile_platformqcn6432qcn6132sw5100snapdragon_780g_5g_mobile_platformsa6155pqcf8000qca6698aq_firmwaresxr2250pipq5312snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)snapdragon_auto_5g_modem-rf_gen_2_firmwareqcn6122qca9888_firmwarewcd9341sa8255pqam8775p_firmwareqca6696_firmwareipq8068_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqsa8150probotics_rb5_platformqcc710_firmwarewsa8830_firmwareqca9992_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwareqcn5022_firmwareqca9898sa8295p_firmwareipq4028immersive_home_216_platform_firmwaresa8770pqca9985_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)ipq4018_firmwarewcd9380_firmwaressg2125psnapdragon_778g_5g_mobile_platform_firmwareqca8337_firmwareipq8072aqca7500_firmwareqca9980_firmwaresw5100pipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca8084qcm8550ipq8078ipq8173qca6564auipq9008qcn5164qca6574qcn6402_firmwaresnapdragon_7c\+_gen_3_computecsr8811_firmwarewcd9380snapdragon_x72_5g_modem-rf_system_firmwareipq9554_firmwarefastconnect_6700qcs410snapdragon_782g_mobile_platform_\(sm7325-af\)qcn5024ipq4019_firmwaresxr1230psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwaresg8275pqca9985qcn9012_firmwarewcn3980qcn9274_firmwarewcd9335_firmwaresm6370_firmwareqfw7114_firmwareqcn5052_firmwarewsa8845qcc2073_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815qcn6112snapdragon_4_gen_1_mobile_platformqxm8083_firmwareqcs8250qca9984ipq8064ipq6028snapdragon_x62_5g_modem-rf_system_firmwareqcn9024ipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq5302ipq8064_firmwaresa8295pwcn6740_firmwareqcs4490_firmwaresnapdragon_x65_5g_modem-rf_systemqca6678aqsa8650p_firmwareipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwareipq8070qca9994qca6797aq_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresrv1lqca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwaresa7255p_firmwareqca9880snapdragon_8\+_gen_2_mobile_platformsa8620pwsa8832qcn6412_firmwaresw5100p_firmwaresa8540pqcs610_firmwareipq5332ipq5302_firmwareqamsrv1m_firmwareimmersive_home_326_platformsa6145pqcm5430ipq6018qca9886_firmwareqcc710immersive_home_214_platformqcs4490qca6595_firmwarewcd9395sa8145pqcs5430_firmwareqca6391_firmwaresa4150p_firmwareimmersive_home_214_platform_firmwareqca4024wcd9370_firmwaresm8550p_firmwaresdx55sd888_firmwareqcn6402sa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqep8111snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwarear8035_firmwareqcn5024_firmwaretalynplus_firmwarewsa8830snapdragon_662_mobile_platform_firmwareqcn9070sxr2230p_firmwaresa8145p_firmwareqam8650pmdm9628_firmwareflight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwareqcn6224_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992srv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9984_firmwareqca9377qcn9000_firmwareqcn9160ipq9554qamsrv1hsa8530pwcd9385_firmwaretalynplusfastconnect_6200immersive_home_216_platformqamsrv1h_firmwareimmersive_home_316_platformipq8074aimmersive_home_318_platformqcn5124_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwareqca8082_firmwaresdx55_firmwaresnapdragon_4_gen_2_mobile_platformsa7255pwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformqcn6023_firmwareqfw7114qcn5122_firmwaresnapdragon_778g_5g_mobile_platformqca6595ausnapdragon_680_4g_mobile_platform_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwareqca6584ausa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274snapdragon_x72_5g_modem-rf_systemsa8775p_firmwareipq8174qcs6490qca9990qcn5052qca9367video_collaboration_vc5_platformqcs8550_firmwareqcn6112_firmwarewcn3988_firmwareqcn9074srv1hsa6145p_firmwareqca8085fastconnect_6700_firmwaresa8195pwsa8810_firmwareqcn6224vision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335snapdragon_x75_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230qca8081snapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcn6023qcm4490ipq8071asdx65m_firmwaresa7775pqcs5430qca6174a_firmwaresa8770p_firmwareqca8085_firmwareipq5300qam8620pipq8071a_firmwarewcd9385immersive_home_3210_platformqcs6490_firmwareqca9898_firmwarewcd9375ar8035csr8811ipq4019wcd9390vision_intelligence_400_platform_firmwareqcn9100_firmwaresnapdragon_662_mobile_platformipq5010_firmwarewsa8815_firmwareipq8074a_firmwareqcm6490wsa8835_firmwarevideo_collaboration_vc5_platform_firmwaresxr2250p_firmwareqca6564asg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa4150pqcm6125_firmwareqca6688aq_firmwareqcm4325robotics_rb5_platform_firmwarewcn3990qcn9000qcf8000_firmwareqca6554aqca6595ar9380_firmwareqcs7230_firmwareqcn9012sd888sa8530p_firmwareimmersive_home_326_platform_firmwarewsa8835ipq8065_firmwaresxr1230p_firmwareqcn6122_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfqcn6274sd_8_gen1_5gsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwareqcn6422snapdragon_4_gen_1_mobile_platform_firmwareqcn5154snapdragon_4_gen_2_mobile_platform_firmwareqca8075_firmwaressg2125p_firmwaresmart_audio_400_platformqca6574aipq4018qca9889qca6174asm7325pqcn6132_firmwareqca9888qca9994_firmwareqcc2076_firmwareipq8070a_firmwareipq8076_firmwaresa8650psa9000pqca6574_firmwareqca9886sm7325p_firmwaresxr2230pipq8076wsa8845_firmwareqcn9160_firmwareqca6175asa8775pqca6574a_firmwareqcn5152fastconnect_6200_firmwareqrb5165msm7315qca6391snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)fastconnect_7800qcn9100snapdragon_x35_5g_modem-rf_system_firmwareqcm4490_firmwareqcn6274_firmwareqcm6490_firmwareipq5300_firmwarewsa8832_firmwareqcn9070_firmwaresrv1h_firmwareipq8072a_firmwareipq6028_firmwareqcn9011video_collaboration_vc1_platform_firmwareqcn6432_firmwareipq5312_firmwareqca6574ausnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwareqca9889_firmwaresa8155p_firmwareqcn5122ipq9574qcs8250_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqcn5022qam8650p_firmwareipq6010_firmwarewcn6740qca6696qcs8550sa6150psnapdragon_8_gen_3_mobile_platform_firmwareqca8075wcd9390_firmwareqcn9022qcn6024qcn9022_firmwareqcc2076qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareipq4029qcc2073qca6175a_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareipq4028_firmwaresg8275p_firmwareipq8173_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareqca9880_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcn5152_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcn3990_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqcn5124_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwaresa9000p_firmwaresm7315_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwareipq8070_firmwareqca9367_firmwaresa6155p_firmwareqcm8550_firmwareipq8078a_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareipq8068_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqca9898_firmwareqcc710_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwareqca9992_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwareqcn5022_firmwaresa8295p_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwarear9380_firmwareqcs7230_firmwaresa8530p_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwareqcn6402_firmwaresa8540p_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareipq4019_firmwaressg2125p_firmwareqcn6132_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcc2076_firmwareipq8070a_firmwareqcn9274_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm7325p_firmwarewsa8845_firmwareqcn9160_firmwareqxm8083_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwaresa8650p_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn6412_firmwaresw5100p_firmwareipq5332_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwareqca9886_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqca9990_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqca6175a_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-33763
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.54%
||
7 Day CHG~0.00%
Published-01 May, 2024 | 00:00
Updated-15 Apr, 2025 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp.

Action-Not Available
Vendor-sammycagen/asammycage
Product-lunasvgn/alunasvg
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 18
  • 19
  • Next
Details not found