Lucene search
K
MediatekLr13

15 matches found

CVE
CVE
added 2025/01/06 3:17 a.m.164 views

CVE-2024-20154

MediaTek Modem vulnerability CVE-2024-20154 arises from an out-of-bounds write due to a missing bounds check in the Modem component. This can lead to remote code execution when a UE connects to a rogue base station, with no additional execution privileges required and no user interaction. Affecte...

8.8CVSS7.8AI score0.03945EPSS
CVE
CVE
added 2022/07/06 1:5 p.m.155 views

CVE-2022-21744

CVE-2022-21744 concerns the Modem 2G RR from MediaTek, where a missing bounds check enables an out-of-bounds write in PNCD decoding that can cause remote code execution. Exploitation requires no user interaction and is possible over the network; the issue is cited with Patch ID MOLY00810064 and I...

10CVSS9.4AI score0.03111EPSS
CVE
CVE
added 2022/07/06 1:5 p.m.138 views

CVE-2022-20083

CVE-2022-20083 affects the Modem 2G/3G CC. The issue is an out-of-bounds write caused by a missing bounds check during decoding of a combined FACILITY, enabling remote code execution with network access and no user interaction. Public references in the provided documents point to a patch ID MOLY0...

10CVSS9.2AI score0.02532EPSS
CVE
CVE
added 2024/01/02 2:50 a.m.124 views

CVE-2023-32890

CVE-2023-32890 affects MediaTek Modem EMM. The issue is a crash caused by improper input validation, enabling remote denial of service with no user interaction. Exploitation is possible over the network (per CVSS) and does not require privileges. A patch identified as MOLY01183647 (MSV-963) is pr...

7.5CVSS7.4AI score0.0076EPSS
CVE
CVE
added 2024/04/01 2:34 a.m.124 views

CVE-2024-20039

The CVE-2024-20039 issue concerns MediaTek modem protocol components with a missing bounds check that enables an out-of-bounds write. This can lead to remote code execution with no privileges or user interaction required. Concrete details across connected documents identify the affected area as t...

8.8CVSS7.7AI score0.00878EPSS
CVE
CVE
added 2023/10/02 2:5 a.m.117 views

CVE-2023-20819

CVE-2023-20819 affects MediaTek’s CDMA PPP protocol component, where a missing bounds check can enable an out-of-bounds write and remote escalation of privilege with no user interaction. A patch is identified as MOLY01068234 (Issue ALPS08010003); exploitation status is not provided in the availab...

9.8CVSS9.1AI score0.00609EPSS
CVE
CVE
added 2022/01/04 3:54 p.m.101 views

CVE-2021-40148

CVE-2021-40148 affects Modem EMM in Google Android devices. Root cause: missing data encryption in the modem EMM leads to information disclosure without privileges or user interaction. Impact: remote information disclosure. Remediation: patch MOLY00716585 (Issue ALPS05886933) has been released. E...

7.5CVSS7AI score0.0074EPSS
CVE
CVE
added 2024/01/02 2:49 a.m.99 views

CVE-2023-32874

CVE-2023-32874 is a MediaTek Modem IMS Stack vulnerability. The issue is a possible out-of-bounds write caused by a missing bounds check in the Modem IMS Stack, which the sources state could lead to remote code execution with no additional privileges and no user interaction required. The vulnerab...

9.8CVSS9.2AI score0.01026EPSS
CVE
CVE
added 2025/01/06 3:17 a.m.83 views

CVE-2024-20150

CVE-2024-20150 affects the Modem component in MediaTek chipsets. A logic error in the Modem can cause a system crash, enabling remote denial of service without privileges and without user interaction. The CVSS v3.1 base score is 7.5 (Network, Privileges Required: None, User Interaction: None, Ava...

7.5CVSS7.2AI score0.00757EPSS
CVE
CVE
added 2024/01/02 2:50 a.m.67 views

CVE-2023-32891

CVE-2023-32891 relates to an out-of-bounds write in the bluetooth service caused by improper input validation. Affected component is described as the Bluetooth service (no specific vendor/version in provided text beyond MediaTek-linked sources). The underlying root cause is input validation weakn...

6.7CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2025/01/06 3:17 a.m.64 views

CVE-2024-20149

CVE-2024-20149 affects the Modem component, with an input validation flaw that can cause a remote denial of service (no privileges, no user interaction needed). The vulnerability is associated with a network-based attack vector and a high impact on availability (CVSS 3.1 base score 7.5). Affected...

7.5CVSS7.2AI score0.00723EPSS
CVE
CVE
added 2025/05/05 2:49 a.m.62 views

CVE-2025-20667

CVE-2025-20667 concerns a remote information disclosure in the Modem due to incorrect error handling. The vulnerability allows information disclosure without user interaction if a user equipment (UE) connects to a rogue base station controlled by an attacker, with no additional execution privileg...

7.5CVSS6.2AI score0.00375EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.61 views

CVE-2022-26446

CVE-2022-26446 affects the Modem 4G RRC. The root cause is improper input validation in handling certain SIB12 (CMAS message) input, causing a system crash and remote denial of service. Exploitation is described as possible without additional execution privileges and without user interaction. The...

7.5CVSS7.5AI score0.01051EPSS
CVE
CVE
added 2025/06/02 2:29 a.m.56 views

CVE-2025-20678

The CVE-2025-20678 entry affects MediaTek IMS service. The vulnerability arises from incorrect error handling in the ims service, enabling remote denial of service when a UE connects to a rogue base station; exploitation requires no user interaction and no privileges. Reported impact is a system ...

6.5CVSS7AI score0.00309EPSS
CVE
CVE
added 2026/03/02 8:39 a.m.24 views

CVE-2026-20434

CVE-2026-20434 affects the Modem component, where an out-of-bounds write due to a missing bounds check could allow remote escalation of privileges if a UE connects to a rogue base station. Exploitation requires no extra execution privileges but does require user interaction. Public disclosures in...

7.5CVSS6.1AI score0.00219EPSS