Lucene search
MediaTekCVE-2023-32886HistoryJan 02, 2024 - 3:15 a.m.
CVE-2023-32886
2024-01-0203:15:08
CWE-787
MediaTek
web.nvd.nist.gov
28
cve-2023-32886
modem
ims
sms
ua
out of bounds write
denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.4%
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
Affected configurations
Node
mediateknr15Match-
ORmediateknr16Match-
ORmediateknr17Match-
mediatekmt2735Match-
ORmediatekmt6813Match-
ORmediatekmt6833Match-
ORmediatekmt6833pMatch-
ORmediatekmt6835Match-
ORmediatekmt6853Match-
ORmediatekmt6853tMatch-
ORmediatekmt6855Match-
ORmediatekmt6873Match-
ORmediatekmt6875Match-
ORmediatekmt6877Match-
ORmediatekmt6877tMatch-
ORmediatekmt6878Match-
ORmediatekmt6879Match-
ORmediatekmt6880Match-
ORmediatekmt6883Match-
ORmediatekmt6885Match-
ORmediatekmt6886Match-
ORmediatekmt6889Match-
ORmediatekmt6890Match-
ORmediatekmt6891Match-
ORmediatekmt6893Match-
ORmediatekmt6895Match-
ORmediatekmt6895tMatch-
ORmediatekmt6896Match-
ORmediatekmt6897Match-
ORmediatekmt6980Match-
ORmediatekmt6980dMatch-
ORmediatekmt6983tMatch-
ORmediatekmt6983wMatch-
ORmediatekmt6983zMatch-
ORmediatekmt6985Match-
ORmediatekmt6985tMatch-
ORmediatekmt6989Match-
ORmediatekmt6990Match-
ORmediatekmt8673Match-
ORmediatekmt8675Match-
ORmediatekmt8676Match-
ORmediatekmt8791Match-
ORmediatekmt8791tMatch-
ORmediatekmt8792Match-
ORmediatekmt8796Match-
ORmediatekmt8797Match-
ORmediatekmt8798Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mediatek | nr15 | - | cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:* |
| mediatek | nr16 | - | cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:* |
| mediatek | nr17 | - | cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:* |
| mediatek | mt2735 | - | cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:* |
| mediatek | mt6813 | - | cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:* |
| mediatek | mt6833 | - | cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* |
| mediatek | mt6833p | - | cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:* |
| mediatek | mt6835 | - | cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* |
| mediatek | mt6853 | - | cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* |
| mediatek | mt6853t | - | cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "MediaTek, Inc.",
"product": "MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798",
"versions": [
{
"version": "Modem NR15, NR16, and NR17",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2023-32886
2024-01-02 03:15:08
prion
prion
Out-of-bounds
2024-01-02 03:15:00
cvelist
cvelist
CVE-2023-32886
2024-01-02 02:50:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.4%
Related for CVE-2023-32886