Rdk-b@2022q3 Security Vulnerabilities and Issues — Rdk-b@2022q3 CVE List

Lucene search

RdkcentralRdk-b2022q3

35 matches found

CVE•added 2024/02/05 6:15 a.m.•108 views

CVE-2024-20006

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.

6.7CVSS6.7AI score0.0005EPSS

CVE•added 2024/04/01 3:15 a.m.•90 views

CVE-2024-20040

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530...

8.8CVSS7.3AI score0.00888EPSS

CVE•added 2023/09/04 3:15 a.m.•89 views

CVE-2023-20829

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/05/06 3:15 a.m.•87 views

CVE-2023-32871

In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.

5.3CVSS7AI score0.00004EPSS

CVE•added 2023/09/04 3:15 a.m.•80 views

CVE-2023-20832

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2025/01/06 4:15 a.m.•79 views

CVE-2024-20144

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; I...

6.6CVSS7.1AI score0.00011EPSS

CVE•added 2024/04/01 3:15 a.m.•75 views

CVE-2024-20049

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541765; Issue ID: ALPS08541765.

4.4CVSS6AI score0.00013EPSS

CVE•added 2024/03/04 3:15 a.m.•71 views

CVE-2024-20023

In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.

6.7CVSS6.9AI score0.00015EPSS

CVE•added 2025/01/06 4:15 a.m.•71 views

CVE-2024-20145

6.6CVSS7.1AI score0.00011EPSS

CVE•added 2024/05/06 3:15 a.m.•70 views

CVE-2024-20056

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.

6.7CVSS6.9AI score0.00011EPSS

CVE•added 2025/01/06 4:15 a.m.•70 views

CVE-2024-20143

6.6CVSS7.1AI score0.00011EPSS

CVE•added 2025/02/03 4:15 a.m.•70 views

CVE-2025-20635

6.6CVSS6.6AI score0.00011EPSS

CVE•added 2024/07/01 5:15 a.m.•63 views

CVE-2024-20081

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

9.8CVSS7.2AI score0.00049EPSS

CVE•added 2024/04/01 3:15 a.m.•62 views

CVE-2024-20051

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.

2.3CVSS6.5AI score0.00013EPSS

CVE•added 2024/04/01 3:15 a.m.•60 views

CVE-2024-20050

4.4CVSS6AI score0.00013EPSS

CVE•added 2023/09/04 3:15 a.m.•59 views

CVE-2023-20830

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/04/01 3:15 a.m.•56 views

CVE-2024-20053

In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541764.

8.4CVSS7AI score0.00022EPSS

CVE•added 2024/04/01 3:15 a.m.•55 views

CVE-2024-20054

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

6.6CVSS6.9AI score0.00066EPSS

CVE•added 2024/11/04 2:15 a.m.•55 views

CVE-2024-20104

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.

8.4CVSS7.2AI score0.00011EPSS

CVE•added 2023/09/04 3:15 a.m.•52 views

CVE-2023-20821

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/04/01 3:15 a.m.•50 views

CVE-2024-20052

4.4CVSS6AI score0.00011EPSS

CVE•added 2024/07/01 5:15 a.m.•50 views

CVE-2024-20080

In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.

9.8CVSS7.5AI score0.00149EPSS

CVE•added 2025/03/03 3:15 a.m.•50 views

CVE-2025-20650

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issu...

6.8CVSS6.9AI score0.00016EPSS

CVE•added 2023/08/07 4:15 a.m.•46 views

CVE-2023-20796

In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

4.4CVSS4.8AI score0.0001EPSS

CVE•added 2023/09/04 3:15 a.m.•45 views

CVE-2023-20828

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2025/03/03 3:15 a.m.•45 views

CVE-2025-20651

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ...

4.1CVSS6.4AI score0.00014EPSS

CVE•added 2024/09/02 5:15 a.m.•43 views

CVE-2024-20085

In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.

4.4CVSS6.2AI score0.00012EPSS

CVE•added 2023/08/07 4:15 a.m.•42 views

CVE-2023-20790

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

4.4CVSS4.4AI score0.00014EPSS

CVE•added 2023/06/06 1:15 p.m.•40 views

CVE-2023-20725

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 o...

6.7CVSS6.7AI score0.00011EPSS

CVE•added 2024/09/02 5:15 a.m.•39 views

CVE-2024-20084

4.4CVSS6.2AI score0.00012EPSS

CVE•added 2023/09/04 3:15 a.m.•38 views

CVE-2023-20831

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/09/02 5:15 a.m.•38 views

CVE-2024-20089

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

7.5CVSS7AI score0.00223EPSS

CVE•added 2024/12/02 4:15 a.m.•37 views

CVE-2024-20136

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821.

6.2CVSS6.4AI score0.00011EPSS

CVE•added 2024/11/04 2:15 a.m.•36 views

CVE-2024-20107

6.2CVSS6.2AI score0.00005EPSS

CVE•added 2023/12/04 4:15 a.m.•35 views

CVE-2023-32855

In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.

6.7CVSS6.6AI score0.00029EPSS