Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-20133

Summary
Assigner-MediaTek
Assigner Org ID-ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At-02 Dec, 2024 | 03:07
Updated At-03 Dec, 2024 | 04:55
Rejected At-
Credits

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:MediaTek
Assigner Org ID:ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At:02 Dec, 2024 | 03:07
Updated At:03 Dec, 2024 | 04:55
Rejected At:
▼CVE Numbering Authority (CNA)

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.

Affected Products
Vendor
MediaTek Inc.MediaTek, Inc.
Product
MT6879, MT6886, MT6895, MT6895T, MT6896, MT6980, MT6983, MT8673, MT8676, MT8795T, MT8798
Versions
Affected
  • Modem NR16
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://corp.mediatek.com/product-security-bulletin/December-2024
N/A
Hyperlink: https://corp.mediatek.com/product-security-bulletin/December-2024
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
MediaTek Inc.mediatek
Product
mt6879
CPEs
  • cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6886
CPEs
  • cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6895
CPEs
  • cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6895t
CPEs
  • cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6896
CPEs
  • cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6980
CPEs
  • cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt6983
CPEs
  • cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt8673
CPEs
  • cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt8676
CPEs
  • cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt8795t
CPEs
  • cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
MediaTek Inc.mediatek
Product
mt8798
CPEs
  • cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mediatek.com
Published At:02 Dec, 2024 | 04:15
Updated At:22 Apr, 2025 | 13:56

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
MediaTek Inc.
mediatek
>>nr16>>-
cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6879>>-
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6886>>-
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6895>>-
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6895t>>-
cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6896>>-
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6980>>-
cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6983>>-
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8673>>-
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8676>>-
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8795t>>-
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8798>>-
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Secondarysecurity@mediatek.com
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: security@mediatek.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://corp.mediatek.com/product-security-bulletin/December-2024security@mediatek.com
Vendor Advisory
Hyperlink: https://corp.mediatek.com/product-security-bulletin/December-2024
Source: security@mediatek.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

938Records found
CVE-2022-20108
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.64%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:06
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330702; Issue ID: DTV03330702.

Action-Not Available
Vendor-Google LLCMediaTek Inc.Linux Kernel Organization, Inc
Product-mt9631mt9011mt9688mt9615mt9221mt9670mt9617mt9215mt9216mt9636mt9611mt9652mt9629mt9639mt9266mt9269mt9255mt9256mt9610mt9612mt9638mt9220mt9675mt9288mt9666mt9669mt9285mt9600mt9286mt9650mt9632mt9685mt9613mt9602linux_kernelandroidmt9686mt9630MT9011, MT9215, MT9216, MT9220, MT9221, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20067
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.29%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt8788mt6750mt8666mt6755smt8167mt6765mt8183mt6891mt8735amt6853tmt6739mt6757mt8768mt8789mt6769mt6761mt8797mt8321mt6768mt8362amt8786mt8766mt6755mt8167smt6771mt8385mt6833mt6885mt6735mt6762mt8365mt6853mt8667mt8168androidmt8185mt8791mt6779mt6785mt6731mt8735bmt6763mt8173MT6731, MT6735, MT6739, MT6750, MT6755, MT6755S, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6891, MT6893, MT8167, MT8167S, MT8168, MT8173, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20070
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06362920; Issue ID: ALPS06362920.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6757cdmt6873mt6893mt6799mt6750mt6983mt6755smt6757cmt6765mt6891mt6737mt6883mt6853tmt6739mt6757mt6880mt6797mt6769mt6761mt6875mt6889mt6768mt6755mt6985mt6890mt6771mt6758mt6833mt6732mt6885mt6735mt6750smt6753mt6762mt6795mt6781mt6877mt6853mt6895mt6789androidmt6757chmt6779mt6752mt6785mt6731mt6763MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20014
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.29%
||
7 Day CHG~0.00%
Published-04 Jan, 2022 | 15:56
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6853mt8788mt6785mt8789mt6781mt6853tmt6873mt6883mt6833mt8183mt6891mt6893mt8185mt6885mt6877mt8385mt6889androidMT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8185, MT8385, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20095
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 19:59
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479763; Issue ID: ALPS06479763.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771androidmt6833mt6885mt8788mt8797mt6779mt6785mt6781mt6853MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6885, MT6893, MT8788, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20030
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.74%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6833mt6885mt6877mt6781mt6891mt6853mt6883mt6853tmt8789androidmt8797mt6889mt8185mt8791mt6785MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0657
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.37%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672103; Issue ID: ALPS05672103.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0658
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672107.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0655
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mdlactl driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05673424; Issue ID: ALPS05673424.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt6889mt6891mt6883MT6873, MT6875, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0671
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.01%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05664273; Issue ID: ALPS05664273.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6853tmt6893mt6891androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0679
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687781.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0896
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05671206.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0678
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05722511.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0903
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656488.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0895
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672003.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0894
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672038.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26449
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.84%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6895mt6983mt6879MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32592
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt8765mt8675mt8385mt8788mt8518mt6983yoctomt8666mt6895androidmt8768mt8789mt8185mt8321mt8786mt6879MT6855, MT6879, MT6895, MT6983, MT8185, MT8321, MT8385, MT8518, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32626
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt8365mt6883mt6873mt6765mt6768mt6877mt8791mt8781mt6983mt6789mt6781androidmt6785mt6833mt6889mt6885mt6779mt8168mt6853mt6893mt6895mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20767
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.68%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629584.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt6985mt8168androidmt6886mt8673mt6983mt8195mt8167mt6879MT6879, MT6886, MT6895, MT6983, MT6985, MT8167, MT8168, MT8195, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20811
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.64%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:22
Updated-04 Dec, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

Action-Not Available
Vendor-Google LLCMediaTek Inc.Linux Kernel Organization, Inc
Product-mt9631mt9011mt9688mt9615mt9022mt9030mt9012mt5695mt9667mt9221mt9617mt5221mt9031mt9216mt9618mt9636mt9653mt9611mt9021mt5583mt9222mt9652mt9629mt9218mt9639mt9266mt9255mt9269mt9016mt9256mt9610mt9612mt9638mt9220mt9675mt9288mt9666mt9669mt9650mt9286mt9632mt9671mt9020mt9685mt9613mt9010mt9602linux_kernelmt9032androidmt9686mt9630mt5691mt9649MT5221, MT5583, MT5691, MT5695, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9030, MT9031, MT9032, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9666, MT9667, MT9669, MT9671, MT9675, MT9685, MT9686, MT9688
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20816
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:22
Updated-22 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20766
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.68%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6879mt8175mt6873mt6893mt8675mt8765mt6580mt6886mt8788mt8791tmt6983mt8666mt8167mt6765mt6891mt6853tmt6739mt6757mt8768mt8789mt6769mt6761mt6875mt8797mt8321mt6768mt8362amt8781mt8766mt8786mt6985mt6771mt8385mt6833mt6735mt6753mt6762mt6877mt6781mt8365mt6853mt8667mt6895mt8168mt6789androidmt8185mt8791mt6779mt6785mt6763mt8173MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6886, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20752
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826586; Issue ID: ALPS07826586.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt8168mt8167sandroidmt8362amt8365mt8167mt8195MT8167, MT8167S, MT8168, MT8175, MT8195, MT8362A, MT8365
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20738
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.68%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8175mt6873mt6893mt5838mt5696mt8395mt8791tmt5836mt9649mt6891mt6883mt9000mt9653mt9015mt9618mt6853tmt9023mt8789mt6769mt6875mt8797mt6889mt9687mt6768mt9952mt8781mt8786mt6833mt6885mt8673yoctomt9902mt6877mt6781mt8365mt8195mt6853mt9932iot-yoctomt8168mt6789androidmt9972mt9679mt9689mt6779mt6785mt9982mt9025MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20821
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.96%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:27
Updated-11 Oct, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt8175mt6873mt6893mt8675mt2735mt8765mt6886mt8395mt8788mt8791tmt6983mt8666mt8167mt6891mt6883openwrtmt6835mt6880mt8768mt8789mt6875mt8797mt6889mt8321mt8362amt8781mt8766rdk-bmt8786mt6985mt6890mt8167smt8188mt8385mt6833mt6885mt8673yoctomt6877mt8365mt8195mt6853mt6980mt6895mt8168androidmt8185mt8791mt2713mt6879mt8173MT2713, MT2735, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797mt6855mt6990mt8175mt6873mt6893mt8675mt2735mt8765mt6886mt8395mt8788mt8791tmt6983mt8666mt8167mt6891mt6883mt6835mt6880mt8768mt8789mt6875mt8797mt6889mt8321mt8362amt8781mt8766mt8786mt6985mt6890mt8167smt8188mt8385mt6833mt6885mt8673mt6877mt8365mt8195mt6853mt6980mt6895mt8168androidmt8185mt8791mt2713mt6879mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26434
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8675mt8765mt8788mt6983mt8666mt8167mt8768mt8789mt8797mt8321mt8362amt8786mt8766mt8167smt8385mt6833mt6885yoctomt6877mt8365mt6853mt6895mt8168androidmt8185mt8791mt8532mt6879mt8173MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-21759
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 17:40
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt6580mt8788mt6983mt8666mt8167mt6765mt6891mt6739mt8768mt8789mt6769mt6761mt6875mt8797mt8321mt6768mt8362amt8786mt8766mt8167smt6771mt8385mt6833mt6885mt6735mt6877mt6781mt8365mt6853mt6895mt8168androidmt8185mt8791mt6779mt6785mt6879mt8173MT6580, MT6735, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6879, MT6885, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20748
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.31%
||
7 Day CHG-0.01%
Published-04 Nov, 2025 | 06:20
Updated-13 Jan, 2026 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432679; Issue ID: MSV-3950.

Action-Not Available
Vendor-OpenWrtMediaTek Inc.
Product-mt7981mt7622mt7916mt7663mt7986mt7615software_development_kitopenwrtmt6890mt7915MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20657
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.12%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:14
Updated-18 Apr, 2025 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6781mt6885mt6765mt8781mt8791tmt6768mt6833mt6877mt8771mt8768mt6789mt8786androidmt6853MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6877, MT6885, MT8768, MT8771, MT8781, MT8786, MT8791T
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20749
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915493; Issue ID: MSV-3800.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6983mt6855mt8195mt6835mt6897mt6991mt6878mt8169androidmt6989mt8188mt6985mt8781mt8196mt6899mt6789mt8796mt6879mt6886MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8169, MT8188, MT8195, MT8196, MT8781, MT8796
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20782
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.32%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-08 Jan, 2026 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20739
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435340; Issue ID: MSV-4038.

Action-Not Available
Vendor-OpenWrtMediaTek Inc.
Product-mt7615mt7622mt7916openwrtmt7986mt7981mt6890mt7915software_development_kitmt7663MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20783
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.32%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-08 Jan, 2026 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20736
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435347; Issue ID: MSV-4049.

Action-Not Available
Vendor-OpenWrtMediaTek Inc.
Product-mt7615mt7622mt7916openwrtmt7986mt7981mt6890mt7915software_development_kitmt7663MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20746
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967.

Action-Not Available
Vendor-rdkcentralOpenWrtGoogle LLCThe Linux FoundationZephyr ProjectMediaTek Inc.
Product-mt8676mt6986dmt8678mt2737mt6835mt6990mt6897mt6991yoctomt6986mt6878androidmt6989mt6985mt8755openwrtmt6899rdk-bmt8893mt2718mt6982zephyrmt6886MT2718, MT2737, MT6835, MT6878, MT6886, MT6897, MT6899, MT6982, MT6985, MT6986, MT6986D, MT6989, MT6990, MT6991, MT8676, MT8678, MT8755, MT8893
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20747
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966.

Action-Not Available
Vendor-rdkcentralOpenWrtGoogle LLCThe Linux FoundationZephyr ProjectMediaTek Inc.
Product-mt8676mt6986dmt8678mt2737mt6835mt6990mt6897mt6991yoctomt6986mt6878androidmt6989mt6985mt8755openwrtmt6899rdk-bmt8893mt2718mt6982zephyrmt6886MT2718, MT2737, MT6835, MT6878, MT6886, MT6897, MT6899, MT6982, MT6985, MT6986, MT6986D, MT6989, MT6990, MT6991, MT8676, MT8678, MT8755, MT8893
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20668
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.63%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 02:49
Updated-07 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8775mt6899androidmt8796mt6991mt6897mt6878mt6989MT6878, MT6897, MT6899, MT6989, MT6991, MT8775, MT8796
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20777
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-03 Dec, 2025 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8768mt6789mt8792mt6989mt8188mt8766mt8873mt8798mt8196mt6833mt8765mt8771mt6739mt6983mt8793mt6895mt8796mt6889mt8186mt8678mt6897mt8667mt8673mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt8795tmt8781mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8791tmt8883androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20741
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00434422; Issue ID: MSV-3958.

Action-Not Available
Vendor-OpenWrtMediaTek Inc.
Product-mt7615mt7622mt7916openwrtmt7986mt7981mt6890mt7915software_development_kitmt7663MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20698
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.34%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 01:49
Updated-18 Aug, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6983mt6835mt8676mt8775mt6897mt6899mt6765mt6877mt6895mt6739mt8873mt8796mt6761mt6989androidmt6991mt8893mt8391mt6885mt6879mt6893mt6781mt6853mt8186mt6889mt8678mt6886mt6985mt8883mt6833mt6883mt6878mt8786mt8792mt6855mt8788emt6768mt2718mt8196mt6789MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8196, MT8391, MT8676, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20697
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.34%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 01:49
Updated-18 Aug, 2025 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8775mt6897mt6765mt6877mt8678mt8883mt8873mt8796mt6989mt6761mt6991androidmt6883mt8391mt6878mt6885mt8786mt6879mt6893mt8792mt6855mt8788emt6768mt2718mt8196mt6853mt8186mt6889mt8893MT2718, MT6761, MT6765, MT6768, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6893, MT6897, MT6989, MT6991, MT8186, MT8196, MT8391, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20738
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-05 Nov, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435342; Issue ID: MSV-4039.

Action-Not Available
Vendor-OpenWrtMediaTek Inc.
Product-mt7615mt7622mt7916openwrtmt7986mt7981mt6890mt7915software_development_kitmt7663MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20769
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-3.4||LOW
EPSS-0.01% / 0.19%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-03 Dec, 2025 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32615
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.14%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccd, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326559; Issue ID: ALPS07326559.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6983mt8871mt8891MT6983, MT8871, MT8891
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2022-26461
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.66%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-12 Jun, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032604; Issue ID: ALPS07032604.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6885mt6879mt6889mt6893mt8791mt8797mt6883mt6853mt6983mt6873mt6895mt6833androidmt6877MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2022-26473
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.24%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec fmt, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342197; Issue ID: ALPS07342197.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt8696mt8695mt8168mt6789mt8798androidmt6983mt8365mt6879MT6789, MT6855, MT6879, MT6895, MT6983, MT8168, MT8365, MT8695, MT8696, MT8798
CWE ID-CWE-667
Improper Locking
CVE-2024-20025
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.28%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541686; Issue ID: ALPS08541686.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8195mt8185mt6885mt8791mt6768mt8395mt8789mt8321mt6771mt6873mt8796mt8678mt8768mt6833mt8365mt6739mt8797mt6761mt8666mt6757mt8175mt8766mt8167mt8798mt8168mt6785mt6877mt8765mt8786mt8385mt6779mt6893mt8362amt6765mt8673mt6853androidmt8788mt8791tmt8781mt8173MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8678, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798mt8175mt6873mt6893mt8765mt8395mt8788mt8791tmt8666mt8167mt6765mt6739mt6757mt8768mt8789mt6761mt8797mt8321mt6768mt8362amt8781mt8766mt8786mt8678mt6771mt8385mt6833mt6885mt8673mt6877mt8365mt8195mt6853mt8168mt8798mt8185mt8791mt6779mt8796mt6785mt6763mt8173
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-20106
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.85%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-24 Apr, 2025 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-androidmt8678mt6785mt6873mt6765mt6768mt8667mt8673mt6779mt6885mt8666mt6853mt6739mt6761MT6739, MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8666, MT8667, MT8673, MT8678mt8667mt6873mt8678mt6739androidmt6885mt8673mt6761mt6768mt6779mt8666mt6785mt6765mt6853
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2024-20059
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.37%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 02:51
Updated-30 Apr, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Issue ID: ALPS08541749.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6877mt6855mt6886mt6761mt6989mt6895mt6789mt8370androidmt6985mt8188mt6853mt6739mt6879mt6768mt6580mt6835mt6885mt6893mt6765mt6833mt6883mt6983mt6781mt6889mt8390MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT6989, MT8188, MT8370, MT8390mt6781mt6893mt6989mt6835mt6886mt6855mt6889mt6761mt6739mt6768mt6985mt6580mt6789mt6833mt6765mt6983mt6877mt6885mt8390mt8188mt6895mt6853mt6879mt6883
CWE ID-CWE-1332
Improper Handling of Faults that Lead to Instruction Skips
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 18
  • 19
  • Next
Details not found