Lucene search
K
MediatekLr12a

17 matches found

CVE
CVE
added 2025/01/06 3:17 a.m.164 views

CVE-2024-20154

MediaTek Modem vulnerability CVE-2024-20154 arises from an out-of-bounds write due to a missing bounds check in the Modem component. This can lead to remote code execution when a UE connects to a rogue base station, with no additional execution privileges required and no user interaction. Affecte...

8.8CVSS7.8AI score0.03945EPSS
CVE
CVE
added 2022/07/06 1:5 p.m.155 views

CVE-2022-21744

CVE-2022-21744 concerns the Modem 2G RR from MediaTek, where a missing bounds check enables an out-of-bounds write in PNCD decoding that can cause remote code execution. Exploitation requires no user interaction and is possible over the network; the issue is cited with Patch ID MOLY00810064 and I...

10CVSS9.4AI score0.03111EPSS
CVE
CVE
added 2022/07/06 1:5 p.m.138 views

CVE-2022-20083

CVE-2022-20083 affects the Modem 2G/3G CC. The issue is an out-of-bounds write caused by a missing bounds check during decoding of a combined FACILITY, enabling remote code execution with network access and no user interaction. Public references in the provided documents point to a patch ID MOLY0...

10CVSS9.2AI score0.02532EPSS
CVE
CVE
added 2024/04/01 2:34 a.m.124 views

CVE-2024-20039

The CVE-2024-20039 issue concerns MediaTek modem protocol components with a missing bounds check that enables an out-of-bounds write. This can lead to remote code execution with no privileges or user interaction required. Concrete details across connected documents identify the affected area as t...

8.8CVSS7.7AI score0.00878EPSS
CVE
CVE
added 2023/10/02 2:5 a.m.117 views

CVE-2023-20819

CVE-2023-20819 affects MediaTek’s CDMA PPP protocol component, where a missing bounds check can enable an out-of-bounds write and remote escalation of privilege with no user interaction. A patch is identified as MOLY01068234 (Issue ALPS08010003); exploitation status is not provided in the availab...

9.8CVSS9.1AI score0.00609EPSS
CVE
CVE
added 2024/07/01 3:18 a.m.109 views

CVE-2024-20077

CVE-2024-20077 affects MediaTek Modem. The issue is due to incorrect error handling in the Modem, which can cause a remote system crash and denial of service without requiring privileges or user interaction. Exploitation would use a network vector (AV:N, AC:L, PR:N, UI:N) and could impact availab...

7.5CVSS7AI score0.00744EPSS
CVE
CVE
added 2024/07/01 3:18 a.m.105 views

CVE-2024-20076

CVE-2024-20076 concerns MediaTek Modem vulnerability where incorrect error handling can crash the system, enabling remote DoS with no privileges or user interaction. Affected component: Modem in MediaTek firmware; root cause described as error handling flaw. Severity/impact as reported: remote, u...

7.5CVSS7AI score0.00744EPSS
CVE
CVE
added 2022/01/04 3:54 p.m.100 views

CVE-2021-40148

CVE-2021-40148 affects Modem EMM in Google Android devices. Root cause: missing data encryption in the modem EMM leads to information disclosure without privileges or user interaction. Impact: remote information disclosure. Remediation: patch MOLY00716585 (Issue ALPS05886933) has been released. E...

7.5CVSS7AI score0.0074EPSS
CVE
CVE
added 2025/01/06 3:17 a.m.83 views

CVE-2024-20150

CVE-2024-20150 affects the Modem component in MediaTek chipsets. A logic error in the Modem can cause a system crash, enabling remote denial of service without privileges and without user interaction. The CVSS v3.1 base score is 7.5 (Network, Privileges Required: None, User Interaction: None, Ava...

7.5CVSS7.2AI score0.00757EPSS
CVE
CVE
added 2025/05/05 2:49 a.m.62 views

CVE-2025-20667

CVE-2025-20667 concerns a remote information disclosure in the Modem due to incorrect error handling. The vulnerability allows information disclosure without user interaction if a user equipment (UE) connects to a rogue base station controlled by an attacker, with no additional execution privileg...

7.5CVSS6.2AI score0.00375EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.61 views

CVE-2022-26446

CVE-2022-26446 affects the Modem 4G RRC. The root cause is improper input validation in handling certain SIB12 (CMAS message) input, causing a system crash and remote denial of service. Exploitation is described as possible without additional execution privileges and without user interaction. The...

7.5CVSS7.5AI score0.01051EPSS
CVE
CVE
added 2023/11/06 3:50 a.m.59 views

CVE-2023-32840

Summary: CVE-2023-32840 affects the modem CCCI component. The vulnerability is an out-of-bounds write caused by a missing bounds check, leading to local privilege escalation with System execution privileges required. Exploitation may require user interaction. Patch reference exists (MOLY01138425;...

8.4CVSS6.6AI score0.00183EPSS
CVE
CVE
added 2025/06/02 2:29 a.m.56 views

CVE-2025-20678

The CVE-2025-20678 entry affects MediaTek IMS service. The vulnerability arises from incorrect error handling in the ims service, enabling remote denial of service when a UE connects to a rogue base station; exploitation requires no user interaction and no privileges. Reported impact is a system ...

6.5CVSS7AI score0.00309EPSS
CVE
CVE
added 2026/03/02 8:39 a.m.24 views

CVE-2026-20434

CVE-2026-20434 affects the Modem component, where an out-of-bounds write due to a missing bounds check could allow remote escalation of privileges if a UE connects to a rogue base station. Exploitation requires no extra execution privileges but does require user interaction. Public disclosures in...

7.5CVSS6.1AI score0.00219EPSS
CVE
CVE
added 2025/11/04 6:19 a.m.21 views

CVE-2025-20727

CVE-2025-20727 affects MediaTek MoLY modem software, describing a heap-buffer overflow that enables out-of-bounds writes and remote escalation of privilege when a UE connects to a rogue base station. The vulnerability arises from an out-of-bounds write in the Modem component, with no user interac...

8.1CVSS7AI score0.00513EPSS
CVE
CVE
added 2025/11/04 6:19 a.m.15 views

CVE-2025-20725

CVE-2025-20725 affects MediaTek IMS service with an out-of-bounds write due to a missing bounds check. The issue enables remote escalation of privilege when a user equipment connects to a rogue base station; exploitation does not require user interaction. Patch MOLY01671924 (MSV-4620) is referenc...

7.5CVSS6.5AI score0.00495EPSS
CVE
CVE
added 2025/11/04 6:19 a.m.13 views

CVE-2025-20726

CVE-2025-20726 affects MediaTek’s Modem, where an incorrect bounds check enables an out-of-bounds write. This could permit remote escalation of privilege if a user equipment (UE) connects to a rogue base station; exploitation requires no user interaction. A patch is available as MOLY01672598 (MSV...

7.5CVSS6.7AI score0.00468EPSS