CVE-2023-32873

{"id": "CVE-2023-32873", "cveTags": [], "metrics": {}, "published": "2024-05-06T03:15:09.387", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/May-2024", "source": "security@mediatek.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@mediatek.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08583919; Issue ID: ALPS08304227."}, {"lang": "es", "value": "En keyInstall, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08583919; ID del problema: ALPS08304227."}], "lastModified": "2024-05-06T12:44:56.377", "sourceIdentifier": "security@mediatek.com"}