Lucene search

[email protected]NVD:CVE-2021-0620

HistoryNov 18, 2021 - 3:15 p.m.

CVE-2021-0620

2021-11-1815:15:08

CWE-125

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381.

Affected configurations

NVD

Node

googleandroidMatch10.0

googleandroidMatch11.0

AND

mediatekmt5522Match-

mediatekmt5527Match-

mediatekmt5597Match-

mediatekmt5598Match-

mediatekmt5599Match-

mediatekmt6580Match-

mediatekmt6735Match-

mediatekmt6737Match-

mediatekmt6739Match-

mediatekmt6750sMatch-

mediatekmt6753Match-

mediatekmt6755sMatch-

mediatekmt6757Match-

mediatekmt6757cMatch-

mediatekmt6757cdMatch-

mediatekmt6757chMatch-

mediatekmt6761Match-

mediatekmt6762Match-

mediatekmt6763Match-

mediatekmt6765Match-

mediatekmt6768Match-

mediatekmt6771Match-

mediatekmt6779Match-

mediatekmt6785Match-

mediatekmt6833Match-

mediatekmt6853Match-

mediatekmt6853tMatch-

mediatekmt6873Match-

mediatekmt6877Match-

mediatekmt6885Match-

mediatekmt6889Match-

mediatekmt6893Match-

mediatekmt8163Match-

mediatekmt8167Match-

mediatekmt8167sMatch-

mediatekmt8168Match-

mediatekmt8173Match-

mediatekmt8175Match-

mediatekmt8183Match-

mediatekmt8185Match-

mediatekmt8195Match-

mediatekmt8321Match-

mediatekmt8362aMatch-

mediatekmt8365Match-

mediatekmt8385Match-

mediatekmt8765Match-

mediatekmt8766Match-

mediatekmt8768Match-

mediatekmt8786Match-

mediatekmt8788Match-

mediatekmt8789Match-

mediatekmt8791Match-

mediatekmt8797Match-

mediatekmt9256Match-

mediatekmt9285Match-

mediatekmt9286Match-

mediatekmt9288Match-

mediatekmt9629Match-

mediatekmt9631Match-

mediatekmt9632Match-

mediatekmt9636Match-

mediatekmt9638Match-

mediatekmt9639Match-

mediatekmt9650Match-

mediatekmt9652Match-

mediatekmt9669Match-

mediatekmt9670Match-

mediatekmt9675Match-

mediatekmt9685Match-

mediatekmt9686Match-

mediatekmt9688Match-

mediatekmt9931Match-

mediatekmt9950Match-

mediatekmt9970Match-

mediatekmt9980Match-

mediatekmt9981Match-

References

corp.mediatek.com/product-security-bulletin/November-2021

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-0620

prion1 cvelist1 cve1