114 matches found
CVE-2023-32820
CVE-2023-32820 affects MediaTek wlan firmware. The issue arises from improper input handling that can trigger a firmware assertion, potentially enabling remote denial of service without extra privileges or user interaction. Public details consistently reference a patch ID ALPS07932637 (and ALPS07...
CVE-2023-20726
The CVE-2023-20726 entry describes a GPS location information disclosure in the MediaTek mnld module caused by a missing permission check. Impact is local information disclosure with no privileges or user interaction required (CVSS v3.1 base score 3.3, LOW). Affected component: mnld in MediaTek S...
CVE-2023-32871
CVE-2023-32871 affects MediaTek DA (Device Access) in MediaTek-based platforms. The vulnerability arises from an incorrect status check, enabling local escalation of privilege with no additional execution privileges required and no user interaction. The issue is documented across multiple sources...
CVE-2024-20040
CVE-2024-20040 affects MediaTek WLAN firmware (MT6XXX/MT79XX) and stems from an out-of-bounds write caused by improper input validation. This could enable remote escalation of privilege with no additional execution privileges required and no user interaction. The CVSSv3.1 base score is 8.8 (HIGH)...
CVE-2024-20148
CVE-2024-20148 concerns MediaTek wlan STA FW where an improper input validation leads to an out-of-bounds write. The vulnerability could enable remote code execution on proximal devices with no privileges and no user interaction required. Patch IDs associated are WCNCR00389045 and ALPS09136494 (M...
CVE-2025-20656
In CVE-2025-20656, the issue is in MediaTek DA within MediaTek firmware: a possible out-of-bounds write caused by a missing bounds check. This could enable local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed and no user in...
CVE-2024-20144
CVE-2024-20144 affects V6 DA, with an out-of-bounds write caused by a missing bounds check. This can enable local escalation of privilege when an attacker has physical access, requiring user interaction for exploitation. Patch ALPS09167056 fixes MSV-2041 for affected devices. No explicit exploita...
CVE-2024-20146
The CVE-2024-20146 issue affects MediaTek wlan STA driver and is caused by improper input validation leading to an out-of-bounds write. This can allow remote code execution with no additional privileges and without user interaction, affecting adjacent systems and potentially enabling high-severit...
CVE-2024-20023
CVE-2024-20023 concerns the MediaTek/flashc component, where an out-of-bounds write can occur due to lack of validation. This could permit local escalation to SYSTEM privileges without user interaction. The issue is documented across several sources (e.g., NVD/Red Hat/NCSC etc.) and is associated...
CVE-2024-20145
CVE-2024-20145 affects MediaTek V6 DA, where a missing bounds check can lead to an out-of-bounds write. The issue enables local escalation of privilege with physical access and user interaction required for exploitation. Patch ALPS09290940 addresses the flaw (MSV-2040).
CVE-2024-20022
CVE-2024-20022 describes a missing bounds check in the lk module that could allow local escalation of privilege to SYSTEM-level execution. The issue is triggered locally (no user interaction required) and is corroborated across multiple connected sources (e.g., Red Hat advisory and other feeds) w...
CVE-2025-20635
CVE-2025-20635 concerns MediaTek V6 DA with a missing bounds check in the DA module, enabling a possible out-of-bounds write and local elevation of privilege if an attacker has physical access to the device. Exploitation requires user interaction; no remote/vector details are provided. The patch ...
CVE-2023-20842
CVE-2023-20842 affects MediaTek devices via the core component described as /imgs y s_cmdq/ . The vulnerability is an out-of-bounds write caused by missing valid range checking in imgsys_cmdq, which can enable local privilege escalation with System execution privileges after user interaction. No ...
CVE-2024-20143
CVE-2024-20143 affects V6 DA with an out-of-bounds write caused by a missing bounds check. The issue could allow local escalation of privilege on devices with physical access and requires user interaction to exploit. Patch ALPS09167056 (MSV-2069) is available. Red Hat and OSV entries corroborate ...
CVE-2024-20140
CVE-2024-20140 concerns MediaTek power module code with a missing bounds check, causing an out-of-bounds write. This can enable local escalation of privilege to System level without user interaction, as described across NVD/Red Hat/OSV/NCSC and related advisories. The root cause is an out-of-boun...
CVE-2023-20829
The CVE-2023-20829 issue affects the gps component in MediaTek-based devices, caused by a missing bounds check that enables an out-of-bounds write. This can lead to local privilege escalation to SYSTEM with no user interaction required, per the description. Reported under various feeds (NVD, Red ...
CVE-2024-20104
CVE-2024-20104 affects MediaTek DA (the DA component in MediaTek chipsets). It describes an out-of-bounds write due to a missing bounds check, potentially enabling local privilege escalation without additional execution privileges; user interaction is required to exploit. The entry cites patch AL...
CVE-2023-20832
The CVE-2023-20832 entry relates to gps with a potential out-of-bounds write due to a missing bounds check. Impact is local privilege escalation with System privileges required and no user interaction. A fix is referenced as Patch ID ALPS08014144 / Issue ID ALPS08013530; apply the patch to mitiga...
CVE-2023-20849
The CVE-2023-20849 vulnerability is in the imgsys_cmdq component and is caused by missing valid range checking, leading to a use-after-free that can enable local privilege escalation with SYSTEM privileges. Exploitation requires user interaction. Affected context references MediaTek-related discl...
CVE-2023-20734
CVE-2023-20734 affects the vcu module in MediaTek chips. The issue is described as an out-of-bounds write due to a missing bounds check, potentially enabling local escalation of privilege with SYSTEM privileges and no user interaction required. A patch is available (ALPS07645149; ALPS07645184). C...
CVE-2023-20844
CVE-2023-20844 affects the imgsys_cmdq component in MediaTek devices. The issue is an out-of-bounds read caused by missing valid range checking, potentially enabling local information disclosure with system-execution privileges required. Exploitation requires user interaction. The vulnerability i...
CVE-2024-20049
CVE-2024-20049 affects the flashc component in MediaTek-chip devices. The vulnerability is caused by an uncaught exception in flashc, enabling possible local information disclosure with System privileges required for exploitation; no user interaction is needed. A patch is available (Patch ID: ALP...
CVE-2023-32812
CVE-2023-32812 affects the gnss service in MediaTek contexts, with an out-of-bounds write caused by improper input validation. The resulting impact is local privilege escalation with SYSTEM privileges needed, and exploitation requires no user interaction. A patch is noted (ALPS08017365 / ALPS0801...
CVE-2023-20848
The CVE-2023-20848 entry concerns an out-of-bounds read in imgsys_cmdq caused by missing valid range checking, enabling local escalation of privileges with user interaction required. Documented impact is high for confidentiality/integrity/availability, and a patch ID (ALPS07340433) is noted as th...
CVE-2026-20435
CVE-2026-20435 concerns a logic error in the preloader of MediaTek-based devices that allows reading device unique identifiers. The vulnerability can enable local information disclosure with physical access and no required user interaction or execution privileges. Affected component: preloader; u...
CVE-2024-20055
In imgsys, a missing bounds check leads to local information disclosure with required System execution privileges. Exploitation requires user interaction (per CVE-2024-20055 descriptions). Patch ID ALPS08518692 is referenced; the connected PT-2024-18541 entry notes affected versions are not speci...
CVE-2024-20050
CVE-2024-20050 affects the flashc component in MediaTek-related platforms, with an uncaught exception leading to local information disclosure. Exploitation requires system execution privileges (local attack) and does not require user interaction. Patch ALPS08541757 (Issue ALPS08541757) is associa...
CVE-2024-20081
CVE-2024-20081 affects the gnss service. The issue is an out-of-bounds write caused by improper input validation, leading to local escalation of privilege with system execution privileges required. Exploitation is reported to require no user interaction. A fix is available as patch ID ALPS0871960...
CVE-2024-20051
In flashc, an uncaught exception can cause a system crash, enabling local denial of service with system execution privileges required. No user interaction is needed. A patch is referenced (ALPS08541757; ALPS08541758).
CVE-2023-20838
CVE-2023-20838 concerns the imgsys component. Multiple connected sources confirm a race-condition–driven out-of-bounds read that can leak local information and, in some scenarios, enable system-level execution with user interaction required for exploitation. Affected references consistently descr...
CVE-2024-25626
The CVE-2024-25626 issue affects Yocto Project’s BitBake/Toaster: when the Toaster web interface is running, there is missing input validation in the Toaster server that can allow remote code execution via a crafted HTTP request. Authentication is not required, and the Toaster server is not part ...
CVE-2023-20830
The CVE-2023-20830 entry describes a local out-of-bounds write in gps on MediaTek chips due to a missing bounds check. This could allow local escalation of privilege with System execution privileges; user interaction is not required. The issue is associated with a patch ID ALPS08014144 and an Iss...
CVE-2023-20843
CVE-2023-20843 involves an out-of-bounds read in the imgsys_cmdq component caused by missing valid range checking. Impact: local information disclosure with the potential for system-level execution privileges required, and exploitation reportedly needs user interaction. Affected context is MediaT...
CVE-2023-20850
The CVE concerns the imgsys_cmdq component in MediaTek chips, where an out-of-bounds write can occur due to missing valid range checking. This could permit local escalation of privilege with system execution privileges required, and user interaction is needed for exploitation. Documented impact i...
CVE-2022-32590
CVE-2022-32590 describes a use-after-free in the WLAN path that could enable local privilege escalation with SYSTEM privileges, requiring no user interaction. The description and Red Hat/NVD entries consistently reference a patch/Issue ID ALPS07299425. Connected documents confirm the issue is tie...
CVE-2023-20747
The CVE-2023-20747 issue affects the vcu module in MediaTek chips. Root cause is memory corruption due to type confusion, leading to local denial of service with system execution privileges. Exploitation details are not provided; user interaction is not required. A patch identified as ALPS0751910...
CVE-2023-20841
CVE-2023-20841 affects imgsys and is described as an out-of-bounds write caused by missing valid range checking, enabling local escalation of privileges with System execution privileges needed. User interaction is required for exploitation. Reported patch ID: ALPS07326455 (Issue ID: ALPS07326441)...
CVE-2024-20053
CVE-2024-20053 affects the flashc component. The vulnerability is an out-of-bounds write caused by an uncaught exception, enabling local escalation of privileges with System-level execution privileges required. User interaction is not required. A patch is referenced (ALPS08541757; ALPS08541764). ...
CVE-2023-20802
In imgsys, a memory corruption vulnerability arises from improper input validation that could enable local escalation of privilege requiring System execution privileges. User interaction is needed for exploitation. A patch is identified (Patch ID: ALPS07420968; Issue ID: ALPS07420976). Public tec...
CVE-2023-20821
CVE-2023-20821 concerns an out-of-bounds write in nvram due to a missing bounds check in MediaTek-based hardware. The underlying issue can allow local escalation of privilege with System execution privileges required, and exploitation does not require user interaction. Reported remediation refere...
CVE-2023-20846
CVE-2023-20846 concerns MediaTek chips where the vulnerability resides in the imgsys_cmdq path, caused by missing valid range checking that enables an out-of-bounds read. The documented impact is local information disclosure with system-level execution privileges required, and exploitation report...
CVE-2025-20650
CVE-2025-20650: A possible out-of-bounds write due to a missing bounds check could allow local elevation of privilege on affected MediaTek devices when an attacker has physical access. The vulnerability requires no additional execution privileges but does require user interaction according to the...
CVE-2022-26475
CVE-2022-26475 concerns a local privilege-escalation in MediaTek wlan due to an out-of-bounds write from a missing bounds check. Affected component is wlan code within MediaTek-based devices; exploitation would grant System-level privileges without user interaction, as described in multiple sourc...
CVE-2024-20054
CVE-2024-20054 concerns a missing bounds check in the gnss component, enabling local privilege escalation with System execution privileges required and no user interaction. The vulnerability is associated with MediaTek/gnss implementations, with a patch identified as ALPS08580200 (Issue ID: ALPS0...
CVE-2023-20828
The CVE-2023-20828 issue affects the gps component in MediaTek chips (GPS) with an out-of-bounds write caused by a missing bounds check. This can lead to local privilege escalation with SYSTEM rights and does not require user interaction. Affected details are supported by multiple sources (NVD/Re...
CVE-2023-20839
CVE-2023-20839 affects the imgsys component. The root cause is an out-of-bounds read due to missing valid range checking, leading to local information disclosure with system execution privileges required and user interaction for exploitation. The vulnerability is documented across multiple source...
CVE-2023-32810
The CVE-2023-32810 entry applies to the Bluetooth driver in MediaTek devices. The vulnerability is an out-of-bounds read caused by improper input validation in the Bluetooth driver, which can lead to local information leakage and potentially System-level execution privileges. Exploitation is desc...
CVE-2024-20052
In flashc (MediaTek chip/software context), an uncaught exception can cause information disclosure, potentially enabling local information exposure with System privileges. Exploitation requires local access; no user interaction is needed. A patch is referenced (ALPS08541757 / ALPS08541761). No ot...
CVE-2022-32589
The CVE-2022-32589 entry concerns a denial-of-service issue in the Wi‑Fi driver related to improper resource release in MediaTek-based implementations. Affected component is the Wi‑Fi driver; root cause is improper resource handling leading to a remote DoS without requiring privileges or user int...
CVE-2022-32592
The CVE-2022-32592 entry concerns MediaTek chipsets with a flaw in the cpu dvfs subsystem, where a missing bounds check enables an out-of-bounds write. This can allow local privilege escalation to SYSTEM with no user interaction required. The only remediation information present is Patch ID ALPS0...