Lucene search

[email protected]NVD:CVE-2023-20819

HistoryOct 02, 2023 - 3:15 a.m.

CVE-2023-20819

2023-10-0203:15:09

CWE-787

[email protected]

web.nvd.nist.gov

cdma

ppp

protocol

out of bounds write

remote privilege escalation

patch

issue

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

68.6%

JSON

In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.

Affected configurations

Nvd

Node

mediateklr11Match-

mediateklr12aMatch-

mediateklr13Match-

mediateknr15Match-

mediateknr16Match-

mediateknr17Match-

AND

mediatekmt2731Match-

mediatekmt6570Match-

mediatekmt6580Match-

mediatekmt6595Match-

mediatekmt6732Match-

mediatekmt6735Match-

mediatekmt6737Match-

mediatekmt6737mMatch-

mediatekmt6738Match-

mediatekmt6739Match-

mediatekmt6750Match-

mediatekmt6750sMatch-

mediatekmt6752Match-

mediatekmt6753Match-

mediatekmt6755Match-

mediatekmt6757Match-

mediatekmt6758Match-

mediatekmt6761Match-

mediatekmt6762Match-

mediatekmt6762dMatch-

mediatekmt6762mMatch-

mediatekmt6763Match-

mediatekmt6765Match-

mediatekmt6765tMatch-

mediatekmt6767Match-

mediatekmt6768Match-

mediatekmt6769Match-

mediatekmt6769tMatch-

mediatekmt6769zMatch-

mediatekmt6771Match-

mediatekmt6775Match-

mediatekmt6779Match-

mediatekmt6781Match-

mediatekmt6783Match-

mediatekmt6785Match-

mediatekmt6785tMatch-

mediatekmt6789Match-

mediatekmt6795Match-

mediatekmt6797Match-

mediatekmt6799Match-

mediatekmt6813Match-

mediatekmt6815Match-

mediatekmt6833Match-

mediatekmt6835Match-

mediatekmt6853Match-

mediatekmt6855Match-

mediatekmt6873Match-

mediatekmt6875Match-

mediatekmt6875tMatch-

mediatekmt6877Match-

mediatekmt6878Match-

mediatekmt6879Match-

mediatekmt6883Match-

mediatekmt6885Match-

mediatekmt6886Match-

mediatekmt6889Match-

mediatekmt6891Match-

mediatekmt6893Match-

mediatekmt6895Match-

mediatekmt6895tMatch-

mediatekmt6896Match-

mediatekmt6897Match-

mediatekmt6983Match-

mediatekmt6985Match-

mediatekmt6989Match-

mediatekmt8666Match-

mediatekmt8666aMatch-

mediatekmt8667Match-

mediatekmt8673Match-

mediatekmt8675Match-

mediatekmt8765Match-

mediatekmt8766Match-

mediatekmt8766zMatch-

mediatekmt8768Match-

mediatekmt8768aMatch-

mediatekmt8768bMatch-

mediatekmt8768tMatch-

mediatekmt8768zMatch-

mediatekmt8781Match-

mediatekmt8786Match-

mediatekmt8788Match-

mediatekmt8788tMatch-

mediatekmt8788xMatch-

mediatekmt8788zMatch-

mediatekmt8791Match-

mediatekmt8791tMatch-

mediatekmt8797Match-

mediatekmt8798Match-

VendorProductVersionCPE
mediateklr11-cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*
mediateklr12a-cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*
mediateklr13-cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*
mediateknr15-cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
mediateknr16-cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
mediateknr17-cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
mediatekmt2731-cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*
mediatekmt6570-cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*
mediatekmt6580-cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*
mediatekmt6595-cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	lr11	-	cpe:2.3:o:mediatek:lr11:-:::::::*
mediatek	lr12a	-	cpe:2.3:o:mediatek:lr12a:-:::::::*
mediatek	lr13	-	cpe:2.3:o:mediatek:lr13:-:::::::*
mediatek	nr15	-	cpe:2.3:o:mediatek:nr15:-:::::::*
mediatek	nr16	-	cpe:2.3:o:mediatek:nr16:-:::::::*
mediatek	nr17	-	cpe:2.3:o:mediatek:nr17:-:::::::*
mediatek	mt2731	-	cpe:2.3:h:mediatek:mt2731:-:::::::*
mediatek	mt6570	-	cpe:2.3:h:mediatek:mt6570:-:::::::*
mediatek	mt6580	-	cpe:2.3:h:mediatek:mt6580:-:::::::*
mediatek	mt6595	-	cpe:2.3:h:mediatek:mt6595:-:::::::*

Rows per page:

1-10 of 941

References

corp.mediatek.com/product-security-bulletin/October-2023

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

68.6%

JSON

Related for NVD:CVE-2023-20819

prion1 cvelist1 vulnrichment1 cve1