CVE-2023-20809
CVE-2023-20809 concerns MediaTek’s vdec component, where a missing bounds check enables an out-of-bounds write. This can lead to local privilege escalation with system privileges, and exploitation does not require user interaction. The advisory notes a patch: DTV03751198 (Issue ID: DTV03751198). ...