CVE-2023-32890

2024-01-0202:50:07

MediaTek

github.com

modem

emm

system crash

input validation

vulnerability

remote denial of service

patch

issue id

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.9%

JSON

In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788",
    "versions": [
      {
        "version": "Modem LR12A",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/April-2024