129 matches found
CVE-2022-21744
CVE-2022-21744 concerns the Modem 2G RR from MediaTek, where a missing bounds check enables an out-of-bounds write in PNCD decoding that can cause remote code execution. Exploitation requires no user interaction and is possible over the network; the issue is cited with Patch ID MOLY00810064 and I...
CVE-2022-21744
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for...
PT-2022-15084 · Unknown · Modem 2G Rrm
Name of the Vulnerable Software and Affected Versions: Modem 2G RR affected versions not specified Description: The issue is related to a missing bounds check, which can lead to an out of bounds write. This could result in remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD...
ASB-A-231275475
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-231281131
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...
Some Android users can disable 2G now and why that is a good thing
The Electronic Frontier Foundation EFF has happily informed people that Google has quietly pushed a new feature to its Android operating system allowing users to optionally disable 2G at the modem level in their phones. This is beneficial because 2G uses weak encryption between the tower and devi...
CVE-2021-32486
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...
CVE-2021-32487
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...
CVE-2021-32485
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...
CVE-2021-32484
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917...
Heap overflow
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...
Heap overflow
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...
Heap overflow
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...
CVE-2021-32487
CVE-2021-32487 affects the Mediatek modem 2G RRM, where a heap-based buffer overflow can cause a remote denial of service with no privileges and no user interaction. The issue is mitigated by patch MOLY00500736 (ALPS04938456); no exploit details beyond the described vector are provided in the con...
CVE-2021-32487
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...
CVE-2021-32486
The CVE-2021-32486 issue affects the modem 2G RRM in MediaTek-based devices, described as a heap-based buffer overflow that can cause a remote system crash and denial of service without user interaction or privileges. The vulnerability is quantified with high impact (CVSS 3.1/7.5; CVSS 2.0/7.8) a...
CVE-2021-32486
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...
CVE-2021-32485
Affected component: Mediatek modem 2G RRM. The issue is a heap buffer overflow in the modem driver, leading to remote denial of service without privileges or user interaction. Impact: system crash and DoS. Remediation: patch MOLY00500621 (Issue ALPS04964926) is available. Exploitation details are...
CVE-2021-32485
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...