CVE-2023-32840

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 MSV-862...

Out-of-bounds

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 MSV-862...

CVE-2023-32840

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 MSV-862...

CVE-2023-32840

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 MSV-862...

CVE-2023-32840

Summary: CVE-2023-32840 affects the modem CCCI component. The vulnerability is an out-of-bounds write caused by a missing bounds check, leading to local privilege escalation with System execution privileges required. Exploitation may require user interaction. Patch reference exists (MOLY01138425;...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the modem CCCI module, which may result in out-of-bounds writes...

PT-2023-24069 · Unknown · Modem Ccci

Name of the Vulnerable Software and Affected Versions: Modem CCCI affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in the modem CCCI. This could lead to local escalation of privilege with System execution privileges...

Nokia G-040W-Q Security Vulnerability

The Nokia G-040W-Q is a modem from Nokia of Finland. A security vulnerability exists in Nokia G-040W-Q that originates from allowing the use of weak passwords...

PT-2023-9844 · Mediatek · Mediatek Modem

Name of the Vulnerable Software and Affected Versions: MediaTek Modem affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in the Modem. This could lead to remote code execution if a UE has connected to a rogue base...

CVE-2023-35649

In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...

Out-of-bounds

In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35649

In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35649

In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35649

The CVE-2023-35649 issue concerns Exynos modem firmware: multiple functions in Exynos modem files allow an out-of-bounds write due to a missing bounds check. This could enable remote code execution with system-level privileges and does not require user interaction. The description and connected r...

Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that stems from a lack of boundary checking in the several functions method of Exynos modem files, which may result in out-of-bounds writes. This could lead to remote code...

CVE-2023-31096

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

CVE-2023-31096

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver Buffer Error Vulnerability

Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver is a driver from Broadcom Corporation USA. A security vulnerability exists in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver version 2.2.100.1 and earlier, which stems from the presence of a stack overflow vulnerability. An attacker could exploit...

PT-2023-23152

Name of the Vulnerable Software and Affected Versions Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver versions through 2.2.100.1 Description An issue exists in the Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver AGRSM64.sys that allows for local privilege escalation to SYSTEM privileges. This i...

CVE-2023-31096

CVE-2023-31096 affects Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver (AGRSM64.sys) up to version 2.2.100.1, enabling Local Privilege Escalation to SYSTEM via a stack overflow in RTLCopyMemory (IOCTL 0x1b2150). The issue can bypass kernel protections (AV, PPL) and may be used in BYOVD ransomwar...