CVE-2023-20810

2023-08-0703:21:58

MediaTek

www.cve.org

cve-2023-20810

patch id: dtv03692061

issue id: dtv03692061

local information disclosure

system execution privileges

AI Score

4.7

Confidence

High

EPSS

Percentile

5.1%

JSON

In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT5221, MT5583, MT5691, MT5695, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9030, MT9031, MT9032, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9666, MT9667, MT9669, MT9671, MT9675, MT9685, MT9686, MT9688",
    "versions": [
      {
        "version": "Android 10.0, 11.0 / Linux 4.19",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/August-2023