2469 matches found
CVE-2024-20151
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928...
CVE-2024-20150
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018...
CVE-2024-20154
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Pat...
CVE-2024-20146
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue I...
CVE-2024-20140
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020...
CVE-2024-20144
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...
CVE-2024-20146
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue I...
CVE-2024-20144
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...
CVE-2024-20143
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...
CVE-2024-20153
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598...
CVE-2024-20153
CVE-2024-20153 affects the WLAN STA module (MediaTek ecosystem) and describes a vulnerability where an attacker could coax a client to attach to an AP using a spoofed SSID, potentially causing remote information disclosure without extra privileges. Exploitation is stated as not requiring user int...
CVE-2024-20152
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue...
CVE-2024-20152
CVE-2024-20152 affects the WLAN STA driver and describes a reachable assertion caused by improper exception handling. The vulnerability permits local denial of service when a user with System privileges can trigger the condition, with no user interaction required. Reported patches include WCNCR00...
CVE-2024-20151
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928...
CVE-2024-20151
The CVE-2024-20151 entry concerns MediaTek’s Modem component where an incorrect bounds check can cause an out-of-bounds write. This vulnerability could enable local escalation of privilege if an attacker already has System privileges, with no user interaction required. A patch is identified as MO...
CVE-2024-20150
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018...
CVE-2024-20150
CVE-2024-20150 affects the Modem component in MediaTek chipsets. A logic error in the Modem can cause a system crash, enabling remote denial of service without privileges and without user interaction. The CVSS v3.1 base score is 7.5 (Network, Privileges Required: None, User Interaction: None, Ava...
CVE-2024-20105
Summary (CVE-2024-20105): In the MediaTek m4u component, there is a potential out-of-bounds write due to a missing bounds check. This could enable local escalation of privilege to the System level, with no user interaction required. The CVE is associated with patch ID ALPS09062027 and issue MSV-1...
CVE-2024-20148
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID:...
CVE-2024-20148
CVE-2024-20148 concerns MediaTek wlan STA FW where an improper input validation leads to an out-of-bounds write. The vulnerability could enable remote code execution on proximal devices with no privileges and no user interaction required. Patch IDs associated are WCNCR00389045 and ALPS09136494 (M...