CVE-2023-20819

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20819
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/October-2023 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6570:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6737m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6738:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8666a:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768a:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768b:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788x:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-10-02 03:15

Updated : 2023-10-03 00:56

NVD link : CVE-2023-20819

Mitre link : CVE-2023-20819

CVE.ORG link : CVE-2023-20819

JSON object : View

Products Affected

mediatek

  • mt6886
  • mt6763
  • mt6889
  • mt6765t
  • mt8788
  • mt2731
  • mt6769t
  • mt8788x
  • mt6765
  • mt8781
  • mt8786
  • mt8666a
  • mt8667
  • mt6879
  • mt6877
  • mt6769
  • mt8791t
  • mt6758
  • mt6896
  • mt6768
  • mt6891
  • mt6595
  • mt8768z
  • mt6795
  • mt6883
  • mt8768a
  • mt6755
  • mt6757
  • mt8766z
  • mt8766
  • mt6781
  • mt6775
  • mt6799
  • lr13
  • mt8768t
  • mt6753
  • mt6771
  • lr12a
  • mt6895
  • mt6738
  • mt8765
  • mt6762d
  • mt8788z
  • mt8675
  • mt6761
  • mt6989
  • mt6580
  • mt6983
  • mt6875t
  • mt6737m
  • mt6833
  • mt6732
  • mt6797
  • mt6873
  • mt8797
  • mt6985
  • mt6739
  • mt8798
  • lr11
  • mt6735
  • mt6895t
  • mt6785
  • mt6813
  • mt8788t
  • mt6878
  • mt6750s
  • mt6779
  • mt6897
  • nr15
  • mt8768b
  • mt6570
  • mt6750
  • mt6853
  • mt6885
  • mt8791
  • mt6762
  • mt6752
  • mt6815
  • mt6893
  • mt6789
  • mt6855
  • mt6875
  • nr17
  • mt6783
  • nr16
  • mt6767
  • mt6762m
  • mt6737
  • mt8673
  • mt8768
  • mt8666
  • mt6835
  • mt6785t
  • mt6769z
CWE
CWE-787

Out-of-bounds Write