322 matches found
CVE-2023-32872
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...
CVE-2023-32872
The CVE-2023-32872 issue is in MediaTek’s keyInstall module. It describes an out-of-bounds write caused by a missing bounds check, potentially enabling local privilege escalation to SYSTEM with no user interaction required. Public references in the connected documents consistently state this as a...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to a lack of boundary checking in the keyInstall module, which may result in out-of-bounds writes...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the keyInstall module, which could lead to information disclosure...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the keyInstall module, which could lead to information disclosure...
PT-2024-12351 · Mediatek +1 · Mt6580 +1
Name of the Vulnerable Software and Affected Versions: No specific software name or version is mentioned in the provided descriptions. Description: In the keyInstall function, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure...
PT-2024-12352 · Mediatek +1 · Mt6580 +1
Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: In the keyInstall function, there is a possible information disclosure due to a missing bounds check. This could lead to local information...
CVE-2023-32835
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918...
CVE-2023-32835
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918...
CVE-2023-32835
CVE-2023-32835 affects MediaTek devices, specifically the keyinstall module. The issue is a memory corruption due to a type confusion vulnerability, leading to local elevation of privilege with System execution privileges needed. Exploitation requires no user interaction per the initial descripti...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a type confusion issue in the keyinstall module, which may result in memory corruption...
PT-2023-24064
Name of the Vulnerable Software and Affected Versions keyinstall affected versions not specified Description The issue is related to a possible memory corruption due to type confusion in keyinstall. This could lead to local escalation of privilege, with System execution privileges needed. User...
The vulnerability of the keyinstall component in MediaTek’s microprogramming software allows a hacker to enhance their privileges.
The vulnerability of the keyinstall component in MediaTek’s microprogramming software is related to the execution of operations outside the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the keyinstall component in MediaTek’s microprogramming software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the keyinstall component in MediaTek’s microprogramming software is related to insufficient protection of sensitive data due to incorrect validation of input data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
CVE-2023-20833
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764...
CVE-2023-20833
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764...
Information disclosure
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764...
CVE-2023-20833
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764...
CVE-2023-20833
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764...
CVE-2023-20833
The CVE-2023-20833 issue concerns MediaTek devices featuring the keyinstall component. A missing bounds check in keyinstall is reported to cause local information disclosure, with the prerequisite that system execution privileges are required and no user interaction is needed for exploitation. Th...