Lucene search

MitreCVE-2021-32484

HistorySep 09, 2021 - 4:15 p.m.

CVE-2021-32484

2021-09-0916:15:07

CWE-787

mitre

web.nvd.nist.gov

cve-2021-32484

modem 2g

rrm

heap buffer overflow

denial of service

patch moly00500621

issue alps04964917

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

68.6%

JSON

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917.

Affected configurations

Nvd

Node

mediatekmt6739Match-

mediatekmt6761Match-

mediatekmt6762Match-

mediatekmt6762dMatch-

mediatekmt6762mMatch-

mediatekmt6763Match-

mediatekmt6765Match-

mediatekmt6765tMatch-

mediatekmt6767Match-

mediatekmt6768Match-

mediatekmt6769Match-

mediatekmt6769tMatch-

mediatekmt6769zMatch-

mediatekmt6771Match-

mediatekmt6779Match-

mediatekmt6783Match-

mediatekmt6785Match-

mediatekmt6785tMatch-

AND

mediatekmodemMatchlr12a

mediatekmodemMatchlr13

VendorProductVersionCPE
mediatekmt6739-cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
mediatekmt6761-cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
mediatekmt6762-cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
mediatekmt6762d-cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*
mediatekmt6762m-cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*
mediatekmt6763-cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
mediatekmt6765-cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
mediatekmt6765t-cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*
mediatekmt6767-cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*
mediatekmt6768-cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	mt6739	-	cpe:2.3:h:mediatek:mt6739:-:::::::*
mediatek	mt6761	-	cpe:2.3:h:mediatek:mt6761:-:::::::*
mediatek	mt6762	-	cpe:2.3:h:mediatek:mt6762:-:::::::*
mediatek	mt6762d	-	cpe:2.3:h:mediatek:mt6762d:-:::::::*
mediatek	mt6762m	-	cpe:2.3:h:mediatek:mt6762m:-:::::::*
mediatek	mt6763	-	cpe:2.3:h:mediatek:mt6763:-:::::::*
mediatek	mt6765	-	cpe:2.3:h:mediatek:mt6765:-:::::::*
mediatek	mt6765t	-	cpe:2.3:h:mediatek:mt6765t:-:::::::*
mediatek	mt6767	-	cpe:2.3:h:mediatek:mt6767:-:::::::*
mediatek	mt6768	-	cpe:2.3:h:mediatek:mt6768:-:::::::*

Rows per page:

1-10 of 201

References

corp.mediatek.com/product-security-bulletin/September-2021

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

68.6%

JSON

Related for CVE-2021-32484