Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20456

Summary
Assigner-MediaTek
Assigner Org ID-ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At-01 Jun, 2026 | 03:20
Updated At-01 Jun, 2026 | 11:07
Rejected At-
Credits

In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:MediaTek
Assigner Org ID:ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At:01 Jun, 2026 | 03:20
Updated At:01 Jun, 2026 | 11:07
Rejected At:
â–¼CVE Numbering Authority (CNA)

In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.

Affected Products
Vendor
MediaTek Inc.MediaTek, Inc.
Product
MediaTek chipset
Default Status
unaffected
Versions
Affected
  • MT7902
  • MT7920
  • MT7921
  • MT7922
  • MT7925
  • MT7927
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://corp.mediatek.com/product-security-bulletin/June-2026
N/A
Hyperlink: https://corp.mediatek.com/product-security-bulletin/June-2026
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mediatek.com
Published At:01 Jun, 2026 | 04:16
Updated At:01 Jun, 2026 | 16:41

In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-787Secondarysecurity@mediatek.com
CWE ID: CWE-787
Type: Secondary
Source: security@mediatek.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://corp.mediatek.com/product-security-bulletin/June-2026security@mediatek.com
N/A
Hyperlink: https://corp.mediatek.com/product-security-bulletin/June-2026
Source: security@mediatek.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

707Records found
CVE-2022-20106
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.56%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:05
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460.

Action-Not Available
Vendor-Google LLCMediaTek Inc.Linux Kernel Organization, Inc
Product-mt9631mt9011mt9688mt9615mt9221mt9670mt9617mt9215mt9216mt9636mt9611mt9652mt9629mt9639mt9266mt9269mt9255mt9256mt9610mt9612mt9638mt9220mt9675mt9288mt9666mt9669mt9285mt9600mt9286mt9650mt9632mt9685mt9613mt9602linux_kernelandroidmt9686mt9630MT9011, MT9215, MT9216, MT9220, MT9221, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20030
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.99%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6833mt6885mt6877mt6781mt6891mt6853mt6883mt6853tmt8789androidmt8797mt6889mt8185mt8791mt6785MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20026
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.70%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt8167androidmt8385mt8362amt8365mt8183MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20070
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06362920; Issue ID: ALPS06362920.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6757cdmt6873mt6893mt6799mt6750mt6983mt6755smt6757cmt6765mt6891mt6737mt6883mt6853tmt6739mt6757mt6880mt6797mt6769mt6761mt6875mt6889mt6768mt6755mt6985mt6890mt6771mt6758mt6833mt6732mt6885mt6735mt6750smt6753mt6762mt6795mt6781mt6877mt6853mt6895mt6789androidmt6757chmt6779mt6752mt6785mt6731mt6763MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20040
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.78%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8765mt8788mt8167mt6891mt6883mt6737mt6739mt6757mt6880mt8768mt6875mt6761mt8789mt6889mt8797mt8321mt8362amt8786mt8766mt6755mt6890mt6771mt8385mt6833mt6885mt6735mt6877mt8365mt6853mt8168androidmt8185mt8791mt6779mt6785mt8173MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20055
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 17:02
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt8788mt8666mt8183mt6765mt8735amt6853tmt8768mt8789mt6761mt8797mt8321mt6768mt8786mt8766mt6771mt8385mt6833mt6885mt6877mt6762mt6781mt6853mt8667androidmt8185mt8791mt6779mt6785mt8735bMT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6893, MT8183, MT8185, MT8321, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20074
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.01% / 3.07%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt6763mt8788mt6983mt6765mt6891mt6883mt6853tmt6880mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8786mt8766mt6985mt8695mt6890mt8385mt6833mt6885mt6877mt6762mt6853mt8667mt6895androidmt8185mt8791mt6779mt6879MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6779, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8667, MT8675, MT8695, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-20025
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.70%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt8167mt8385androidmt8362amt8365mt8183MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20095
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.82%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 19:59
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479763; Issue ID: ALPS06479763.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771androidmt6833mt6885mt8788mt8797mt6779mt6785mt6781mt6853MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6885, MT6893, MT8788, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20063
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 1.57%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8667mt8385androidmt8788mt8766mt8666mt8786mt6765MT6765, MT8385, MT8666, MT8667, MT8766, MT8786, MT8788
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32840
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.20%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 03:50
Updated-05 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855nr17mt6893mt6983wmt2735mt6886mt8791tmt8666mt6878mt6765mt6891nr16mt6883mt6980dmt6853tmt2731mt6739mt8768mt6769mt6761mt6875mt6889mt8781mt6985mt6885mt6877mt6853mt8667mt6985tmt6771tmt8791mt6897lr12amt6731mt6990mt6873mt8765mt8675mt6763mt6983tmt8788mt6769tmt6813mt6835mt6880mt8789mt8797mt6768mt8786mt8766mt6890mt6771mt6833mt8673mt6833pmt6989mt6762nr15mt6980mt6895mt6877tmt8798mt6983zmt6769zmt6767mt6895tmt6879MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798mt6896mt6855mt6893mt6983wmt2735mt6886mt8791tmt8666mt6878mt6765mt6891mt6883mt6980dmt6853tmt2731mt6739mt8768mt6769mt6761mt6875mt6889mt8781mt6985mt6885mt6877mt6853mt8667mt6985tmt6771tmt8791mt6897mt6731mt6990mt6873mt8765mt8675mt6763mt6983tmt8788mt6769tmt6835mt6813mt6880mt8789mt8797mt6768mt8786mt8766mt6890mt6771mt6833mt8673mt6833pmt6989mt6762mt6980mt6895mt6877tmt8798mt6983zmt6769zmt6767mt6895tmt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32873
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 5.89%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 02:51
Updated-13 Mar, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08583919; Issue ID: ALPS08304227.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt8755mt6765mt8791tmt8788mt8768mt8385mt6893mt8786mt6761androidmt8789mt8766mt8781mt8771mt8321mt6833mt8792mt8765mt6768mt6983mt6855mt8796mt8795tmt6853MT6761, MT6765, MT6768, MT6833, MT6853, MT6855, MT6893, MT6895, MT6983, MT8321, MT8385, MT8755, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796mt6895mt8755mt6765mt8791tmt8788mt8768mt8385mt6893mt8786mt6761mt8789mt8766mt8781mt8771mt8321mt6833mt8792mt8765mt6768mt6983mt6855mt8796mt8795tmt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32866
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt8188mt6833mt6886mt6885mt6983mt6877mt6781mt6765mt8195mt6853mt6883mt6895mt6789mt6835androidmt6761mt6889mt6768mt6779mt6785mt8781mt6879MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8188, MT8195, MT8781
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32883
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.97%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:49
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6985mt8175mt8765mt2713mt8321mt6765mt6580mt8362amt8167smt6785mt8667mt6855mt6893mt8797mt6889mt6853mt6768mt8798mt6875mt6739mt6879mt6779mt6891mt8673mt6983mt8766mt8768mt8791tmt6781mt8789mt6877mt6853tmt8195mt8788mt6769mt6886mt8168mt8167mt8390mt8666mt8385mt6835mt6762mt8781mt8786mt6789mt8365androidmt8173mt8188mt8395mt6883mt6761mt6833mt6895mt6885MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32848
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.13%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-17 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896; Issue ID: ALPS08163896.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6771androidmt6885mt6761mt6768mt6779mt6785mt6765mt6763mt6853MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6853, MT6873, MT6885mt6885
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32839
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.47%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 03:50
Updated-05 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt8798mt8188androidmt8673mt6983mt2713mt8195MT2713, MT6895, MT6983, MT8188, MT8195, MT8673, MT8798mt6895mt8798mt8188androidmt8673mt6983mt2713mt8195
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32827
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.87%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 02:05
Updated-21 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt8765mt8675mt6886mt8395mt8788mt8791tmt6983mt8666mt8167mt8390mt8768mt8789mt8797mt8321mt8362amt8781mt8766mt8786mt6985mt8167smt8188mt8385mt8673mt6989mt8365mt8195mt6895mt8168mt8798androidmt8185mt8791mt6879mt8173MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798mt8175mt8765mt8675mt6886mt8395mt8788mt8791tmt6983mt8666mt8167mt8390mt8768mt8789mt8797mt8321mt8362amt8781mt8766mt8786mt6985mt8167smt8188mt8385mt8673mt6989mt8365mt8195mt6895mt8168mt8798androidmt8185mt8791mt6879mt8173
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32811
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.98%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:28
Updated-01 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt8175mt6873mt8188mt6833mt8673yoctomt8666mt6785mt6781mt8365mt8195mt6853mt8667mt8168mt6789mt6835androidiot_yoctomt6779mt2713MT2713, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673androidiot_yoctoyocto
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32830
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.55%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 02:05
Updated-21 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt5680mt9631mt9011mt9688mt9660mt9012mt5695mt9667mt9221mt9670mt5835mt9653mt9216mt9931mt9970mt9633mt9222mt9652mt5670mt9266mt9255mt5815mt9016mt9256mt9610mt9980mt9675mt9666mt9285mt5816mt9632mt9020mt5895mt5527mt5833mt9686mt5691mt9900mt9950mt9901mt9615mt9022mt9617mt9215mt9636mt5598mt5583mt9021mt9629mt9639mt9269mt9612mt9638mt9981mt9669mt9600mt9650mt9286mt9969mt9671mt5806mt9685mt9613mt9010mt9602androidmt9679mt5813mt9630mt5599mt9649MT5527, MT5583, MT5598, MT5599, MT5670, MT5680, MT5691, MT5695, MT5806, MT5813, MT5815, MT5816, MT5833, MT5835, MT5895, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9215, MT9216, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9600, MT9602, MT9610, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9670, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9900, MT9901, MT9931, MT9950, MT9969, MT9970, MT9980, MT9981mt5680mt9631mt9011mt9688mt9660mt9012mt5695mt9667mt9221mt9670mt5835mt9653mt9216mt9931mt9970mt9633mt9222mt9652mt5670mt9266mt9255mt9016mt5815mt9256mt9610mt9980mt9675mt9666mt9285mt5816mt9632mt9020mt5895mt5527mt5833mt9686mt5691mt9900mt9950mt9901mt9615mt9022mt9617mt9215mt9636mt5598mt5583mt9021mt9629mt9639mt9269mt9612mt9638mt9981mt9669mt9600mt9650mt9286mt9969mt9671mt5806mt9685mt9613mt9010mt9602androidmt9679mt5813mt9630mt5599mt9649
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32874
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-6.01% / 90.89%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:49
Updated-17 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896nr17mt2735mt6779mt6833pmt6877mt6893mt6985tmt6853mt6879mt6895tmt6989mt6785nr16mt6833mt6890mt6980mt6835mt6983wmt6855nr15mt6895mt6877tmt6897mt6783mt6873lr13mt6983tmt6813mt6985mt6878mt6883mt6875mt6853tmt6785tmt6980dmt6983zmt6781mt6885mt6886mt6891mt6889mt6880mt6789mt6990MT2735, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32886
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.69% / 82.62%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6873mt6985mt6983wnr17mt6980mt6980dmt8792mt6890mt6833pmt6880mt6983znr16mt8797mt6855mt6893mt6889mt8676mt2735mt8791mt6853mt6985tmt8798mt6875mt6879mt6885mt8673mt6891mt8791tmt6877tmt6989mt8796mt6877mt6853tmt6895tmt6886mt6983tmt6835nr15mt6897mt6896mt6883mt6990mt6813mt8675mt6833mt6895mt6878MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32805
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 1.80%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:28
Updated-01 Oct, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt8168mt8675MT8168, MT8675mt8168mt8675
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32849
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.66%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8765mt6833mt6885mt8788mt8791tmt6781mt6853mt8798mt8768mt8781androidmt8797mt6889mt8791mt6785mt8786mt8766MT6781, MT6785, MT6833, MT6853, MT6873, MT6885, MT6889, MT6893, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791, MT8791T, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32813
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.66%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:28
Updated-08 Oct, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt8175mt6873mt2735mt6580mt6886mt6983mt8666mt6765mt6883mt6853topenwrtmt6835mt6739mt6880mt6761mt2713mt6889mt6768mt6985mt6890mt8188mt6833mt6885mt8673yoctomt6877mt6855tmt6781mt8365mt8195mt6853mt8667mt6980mt6895mt8168mt6789androidmt6779mt6785mt6879MT2713, MT2735, MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6895, MT6980, MT6983, MT6985, MT6990, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32865
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.06%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-28 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt6833mt6886mt6885mt6983mt6877mt6781mt6765mt6853mt6883mt6895mt8168mt6789mt6835androidmt6761mt6889mt6768mt6779mt6785mt8781mt6879MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8168, MT8781mt6855mt6985mt6873mt6893mt6833mt6886mt6885mt6983mt6877mt6781mt6765mt6853mt6883mt6895mt8168mt6789mt6835mt6761mt6889mt6768mt6779mt6785mt8781mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32847
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 17.23%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt8175mt6873mt8765mt6580mt6886mt8395mt8788mt8791tmt6983mt8167mt6765mt6883mt6853tmt8390mt6835mt6739mt8768mt8789mt6761mt2713mt6889mt8797mt8321mt8362amt8781mt8766mt8786mt6985mt8167smt8188mt8385mt6833mt6885mt6877mt6762mt8365mt8195mt6853mt6895mt8168mt6789mt8798androidmt6779mt6785mt6879MT2713, MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20740
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 3.15%
||
7 Day CHG-0.02%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6873mt6893mt8765mt8395mt8788mt8791tmt8167mt6891mt6883mt6853tmt6835mt8768mt8789mt6769mt6875mt8797mt6889mt8321mt6768mt8781mt8766mt8786mt6833mt6885yoctomt6877mt6781mt8365mt6853iot-yoctomt8168mt6789androidmt8185mt8791mt6779mt6785mt8173MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8365, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20001
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 10.32%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:59
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt9675mt9667mt9010mt9615mt9629mt9669mt9016mt9630mt9639mt9685mt9255mt9015mt9653mt9218mt9011mt9610mt9650mt5691mt9216mt9666mt9689mt9649mt5696mt9026mt9618mt9617mt9652mt9288mt9679mt9632mt9612mt9025mt9602mt9603mt5583mt9611mt9020mt9256mt9266mt9633mt9220mt9221mt9638mt9660mt9636mt9222mt9671mt9688mt9269mt5586mt9286mt9022mt9613mt9686mt5695mt9021androidmt9012mt9631MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20006
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 15.31%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:59
Updated-16 Dec, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.

Action-Not Available
Vendor-rdkcentralOpenWrtGoogle LLCMediaTek Inc.
Product-mt6890openwrtandroidmt6880mt8188tmt2713mt6781rdk-bMT2713, MT6781, MT6880, MT6890, MT8188Tmt6781mt2713mt6890mt8188tmt6880
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20105
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.29%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6580mt6885mt6889mt6768mt6855mt6785mt6877mt6873mt6781mt8768mt6779mt6833mt6893mt6765mt8673mt6739mt6761mt8666mt6853androidmt6983mt6879mt6789mt6883mt6895mt8667MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8666, MT8667, MT8673, MT8768
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20075
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 02:04
Updated-13 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8185mt8786mt6873androidmt8789mt6877mt6833mt8675mt6885mt6893mt6853MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8185, MT8675, MT8786, MT8789mt8185mt8786mt6873androidmt8789mt6877mt6833mt8675mt6885mt6893mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20092
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.75%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt6785mt8667mt6779mt6768mt6873mt6885androidmt8385mt6765mt6761mt6853mt8666mt8768mt8781mt8766mt8788MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789mt6873mt8385mt6885mt8788mt8666mt6765mt6853mt8667mt8768mt8789androidmt6761mt6779mt6768mt6785mt8781mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20109
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.62%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8195mt6765mt6885mt6768mt6877mt6853androidmt6873mt6833mt8188MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt6873mt6893mt8188androidmt6833mt6885mt6768mt6877mt6765mt8195mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20054
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 21.31%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:35
Updated-23 Apr, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6895mt8678mt6890mt8765mt6835mt6855mt8788mt2735mt6875mt6873mt8792mt8796mt8385androidmt8195mt6762mt6985mt8766rdk-bmt6877mt8786mt6983mt6833mt8893mt6990mt6883mt8673mt8173mt6879mt2737mt6893mt6989openwrtmt8321mt8791tmt6889mt8755mt8775mt8676mt8781mt6765mt6769mt8168mt8666mt8667yoctomt8390mt8768mt6891mt6853mt6885MT2735, MT2737, MT6762, MT6765, MT6769, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT6990, MT8168, MT8173, MT8195, MT8321, MT8385, MT8390, MT8666, MT8667, MT8673, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8791T, MT8792, MT8796, MT8893mt6855mt8765mt8786mt8188mt6833mt8788mt8791tmt8167mt6765mt6895mt8168mt6789mt8798mt8768mt8789mt6761mt8797mt8321mt6768mt8781mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20029
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.46%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989androidmt8796mt8678mt6985MT6985, MT6989, MT8678, MT8796mt6985androidmt6989mt8796mt8678
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20110
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.62%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV-1762.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8195mt6765mt6885mt6768mt6877mt6853androidmt6873mt6833mt8188MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt6873mt6893mt8188androidmt6833mt6885mt6768mt6877mt6765mt8195mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20134
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.45%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:07
Updated-22 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6989mt8798mt6835mt6896mt8755androidmt6983mt6895mt6879mt8796mt6897mt6985mt6878MT6835, MT6878, MT6879, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8755, MT8775, MT8796, MT8798mt6896mt6895mt6985mt8798mt6835mt6983mt6989mt8775mt6897mt8755mt8796mt6878mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20027
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.9||HIGH
EPSS-0.01% / 2.00%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8167mt6885mt6768mt8168mt6785mt6877mt6771mt6873mt8163mt6779mt6833mt6893mt6765mt6739mt6761mt6853androidmt6757mt8512MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8168, MT8512mt8512mt8168
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20101
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.79% / 83.14%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-24 Apr, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8796mt8695mt7927mt6985androidmt8678mt8755mt8775mt8676software_development_kitmt8698mt6989mt8512mt6990mt3605mt8792mt8183MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8676, MT8678, MT8695, MT8698, MT8755, MT8775, MT8792, MT8796mt6990mt6985mt8695mt3605mt6989mt8698mt8183mt8676mt8512mt7927androidmt8792mt8775mt8796mt8755mt8678
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20140
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.55%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020.

Action-Not Available
Vendor-MediaTek Inc.The Linux FoundationGoogle LLC
Product-mt6893mt8532mt6885mt6768mt8518smt6739mt6877mt6761mt6853androidmt6781mt6833yoctoMT6739, MT6761, MT6768, MT6781, MT6833, MT6853, MT6877, MT6885, MT6893, MT8518S, MT8532
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20017
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-68.16% / 98.62%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-05 May, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-mt7916mt7622mt6890mt7986openwrtmt7981mt7915software_development_kitMT6890, MT7915, MT7916, MT7981, MT7986mt7981mt6890mt7986mt7916mt7915
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20073
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.22% / 44.85%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 02:04
Updated-25 Apr, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-software_development_kitopenwrtmt6890mt7622MT6890, MT7622mt7622mt6890openwrt
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20090
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt6785mt8667mt6779mt6768mt6873mt6885androidmt8385mt6765mt6761mt6853mt8666mt8768mt8781mt8766mt8788MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789mt6873mt8385mt6885mt8788mt8666mt6765mt6853mt8667mt8768mt8789androidmt6761mt6779mt6768mt6785mt8781mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20135
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.15%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:07
Updated-22 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8775mt6989mt9687mt6768mt6877mt6853androidmt8796mt6781mt6897mt6878mt6833MT6768, MT6781, MT6833, MT6853, MT6877, MT6878, MT6893, MT6897, MT6989, MT8775, MT8796, MT9687mt6893mt6833mt9687mt6989mt8775mt6768mt6897mt6878mt6877mt8796mt6781mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20018
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 74.95%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt7615software_development_kitMT7615mt7615
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20086
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 02:07
Updated-05 Sep, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8667androidmt8385mt8768mt8789mt8788mt8766mt6768mt6779mt8666mt6785mt8781mt6765MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789mt8667mt8385mt8768mt8789androidmt8788mt8766mt6768mt6779mt8666mt6785mt8781mt6765
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20044
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 13.45%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:35
Updated-23 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541784; Issue ID: ALPS08541784.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8678mt8765mt8788mt6873mt8796mt8167mt8385androidmt8195mt6779mt8766mt8395mt6877mt8786mt8798mt6833mt6768mt8185mt8673mt6785mt8365mt8173mt6893mt8362amt6761mt8321mt8791tmt8175mt8797mt6739mt8781mt6765mt6757mt6781mt8168mt8666mt6771mt8791mt8768mt8789mt6853mt6885MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8678, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798mt8175mt6873mt6893mt6771mt8385mt6833mt8395mt6885mt8673mt8666mt6877mt6781mt8365mt8167mt6765mt8195mt6853mt8168mt6739mt6757mt6761mt8185mt8321mt6768mt8362amt6779mt6785mt6763mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20072
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.22% / 44.85%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 02:04
Updated-25 Apr, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-mt7622mt6890mt6990software_development_kitopenwrtMT6890, MT6990, MT7622mt7622mt6990mt6890openwrt
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20083
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 49.32%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 03:02
Updated-30 May, 2025 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt8771mt8321mt8781mt8765mt8766mt8755mt6779mt8385mt6785mt8798mt8667mt8797mt8796mt8789mt8666mt8768mt8795tmt8791tmt6765mt8775mt8786androidmt8792mt8788MT6765, MT6768, MT6779, MT6785, MT8321, MT8385, MT8666, MT8667, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt8765mt8385mt8788mt8791tmt8666mt6785mt6765mt8667mt8798mt8768mt8789mt8781mt8771mt8792mt8797mt8321mt6768mt8775mt8795tmt8796mt6779mt8755mt8786mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20108
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989mt8791mt6855mt8321mt6873mt8796mt8365mt8676mt8797mt8666mt6789mt6985mt8667mt8675mt8168mt6785mt6877mt8765mt8786mt8188mt6893mt8362amt6765mt8673mt8788mt8791tmt6883mt8173mt8390mt8195mt8185mt8370mt8771mt6885mt6889mt6768mt8395mt8789mt6886mt8792mt8678mt6897mt8768mt6878mt6833mt6739mt6761mt8175mt8766mt8775mt6580mt8798mt8385mt6781mt6779mt8795tmt6835mt6896mt8755mt6853androidmt6983mt6879mt6895mt8781MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt6896mt6855mt8175mt6893mt6580mt6886mt8395mt8791tmt6983mt8666mt6878mt6765mt6883mt8676mt8390mt6739mt8768mt6761mt6889mt8321mt8362amt8775mt8795tmt8781mt6985mt8385mt6885mt6877mt8365mt8195mt6853mt8667mt8791mt6897mt8755mt6785mt8173mt6873mt8765mt8675mt8370mt8788mt6835mt8789mt8792mt8797mt6768mt8786mt8766mt8678mt8188mt6833mt8673mt6989mt6781mt6895mt8168mt6789mt8798androidmt8185mt8796mt6779mt8771mt6879
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 14
  • 15
  • Next
Details not found