Risk | Low |
Patch available | YES |
Number of vulnerabilities | 12 |
CVE-ID | CVE-2023-20819 CVE-2023-32819 CVE-2023-32820 CVE-2023-32821 CVE-2023-32822 CVE-2023-32823 CVE-2023-32824 CVE-2023-32826 CVE-2023-32827 CVE-2023-32828 CVE-2023-32829 CVE-2023-32830 |
CWE-ID | CWE-787 CWE-200 CWE-400 CWE-20 CWE-190 CWE-415 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
MT2731 Mobile applications / Mobile firmware & hardware MT6570 Mobile applications / Mobile firmware & hardware MT6580 Mobile applications / Mobile firmware & hardware MT6595 Mobile applications / Mobile firmware & hardware MT6732 Mobile applications / Mobile firmware & hardware MT6735 Mobile applications / Mobile firmware & hardware MT6737 Mobile applications / Mobile firmware & hardware MT6737M Mobile applications / Mobile firmware & hardware MT6738 Mobile applications / Mobile firmware & hardware MT6739 Mobile applications / Mobile firmware & hardware MT6750 Mobile applications / Mobile firmware & hardware MT6750S Mobile applications / Mobile firmware & hardware MT6752 Mobile applications / Mobile firmware & hardware MT6753 Mobile applications / Mobile firmware & hardware MT6755 Mobile applications / Mobile firmware & hardware MT6757 Mobile applications / Mobile firmware & hardware MT6758 Mobile applications / Mobile firmware & hardware MT6761 Mobile applications / Mobile firmware & hardware MT6762 Mobile applications / Mobile firmware & hardware MT6762D Mobile applications / Mobile firmware & hardware MT6762M Mobile applications / Mobile firmware & hardware MT6763 Mobile applications / Mobile firmware & hardware MT6765 Mobile applications / Mobile firmware & hardware MT6765T Mobile applications / Mobile firmware & hardware MT6767 Mobile applications / Mobile firmware & hardware MT6768 Mobile applications / Mobile firmware & hardware MT6769 Mobile applications / Mobile firmware & hardware MT6769T Mobile applications / Mobile firmware & hardware MT6769Z Mobile applications / Mobile firmware & hardware MT6771 Mobile applications / Mobile firmware & hardware MT6775 Mobile applications / Mobile firmware & hardware MT6783 Mobile applications / Mobile firmware & hardware MT6785T Mobile applications / Mobile firmware & hardware MT6789 Mobile applications / Mobile firmware & hardware MT6795 Mobile applications / Mobile firmware & hardware MT6797 Mobile applications / Mobile firmware & hardware MT6799 Mobile applications / Mobile firmware & hardware MT6813 Mobile applications / Mobile firmware & hardware MT6815 Mobile applications / Mobile firmware & hardware MT6833 Mobile applications / Mobile firmware & hardware MT6835 Mobile applications / Mobile firmware & hardware MT6855 Mobile applications / Mobile firmware & hardware MT6875T Mobile applications / Mobile firmware & hardware MT6878 Mobile applications / Mobile firmware & hardware MT6879 Mobile applications / Mobile firmware & hardware MT6886 Mobile applications / Mobile firmware & hardware MT6895 Mobile applications / Mobile firmware & hardware MT6895T Mobile applications / Mobile firmware & hardware MT6896 Mobile applications / Mobile firmware & hardware MT6897 Mobile applications / Mobile firmware & hardware MT6983 Mobile applications / Mobile firmware & hardware MT6985 Mobile applications / Mobile firmware & hardware MT6989 Mobile applications / Mobile firmware & hardware MT8666 Mobile applications / Mobile firmware & hardware MT8666A Mobile applications / Mobile firmware & hardware MT8667 Mobile applications / Mobile firmware & hardware MT8673 Mobile applications / Mobile firmware & hardware MT8675 Mobile applications / Mobile firmware & hardware MT8765 Mobile applications / Mobile firmware & hardware MT8766 Mobile applications / Mobile firmware & hardware MT8766Z Mobile applications / Mobile firmware & hardware MT8768 Mobile applications / Mobile firmware & hardware MT8768A Mobile applications / Mobile firmware & hardware MT8768B Mobile applications / Mobile firmware & hardware MT8768T Mobile applications / Mobile firmware & hardware MT8768Z Mobile applications / Mobile firmware & hardware MT8781 Mobile applications / Mobile firmware & hardware MT8786 Mobile applications / Mobile firmware & hardware MT8788 Mobile applications / Mobile firmware & hardware MT8788T Mobile applications / Mobile firmware & hardware MT8788X Mobile applications / Mobile firmware & hardware MT8788Z Mobile applications / Mobile firmware & hardware MT8791 Mobile applications / Mobile firmware & hardware MT8791T Mobile applications / Mobile firmware & hardware MT8798 Mobile applications / Mobile firmware & hardware MT8188 Mobile applications / Mobile firmware & hardware MT8195 Mobile applications / Mobile firmware & hardware MT5221 Mobile applications / Mobile firmware & hardware MT7663 Mobile applications / Mobile firmware & hardware MT7668 Mobile applications / Mobile firmware & hardware MT7902 Mobile applications / Mobile firmware & hardware MT7921 Mobile applications / Mobile firmware & hardware MT8168 Mobile applications / Mobile firmware & hardware MT8365 Mobile applications / Mobile firmware & hardware MT8532 Mobile applications / Mobile firmware & hardware MT8695 Mobile applications / Mobile firmware & hardware MT8789 Mobile applications / Mobile firmware & hardware MT2713 Mobile applications / Mobile firmware & hardware MT8167 Mobile applications / Mobile firmware & hardware MT8167S Mobile applications / Mobile firmware & hardware MT8175 Mobile applications / Mobile firmware & hardware MT8321 Mobile applications / Mobile firmware & hardware MT8362A Mobile applications / Mobile firmware & hardware MT8385 Mobile applications / Mobile firmware & hardware MT8390 Mobile applications / Mobile firmware & hardware MT8173 Mobile applications / Mobile firmware & hardware MT8185 Mobile applications / Mobile firmware & hardware MT8395 Mobile applications / Mobile firmware & hardware MT8183 Mobile applications / Mobile firmware & hardware MT8137 Mobile applications / Mobile firmware & hardware MT8139 Mobile applications / Mobile firmware & hardware MT8195Z Mobile applications / Mobile firmware & hardware MT5527 Mobile applications / Mobile firmware & hardware MT5583 Mobile applications / Mobile firmware & hardware MT5598 Mobile applications / Mobile firmware & hardware MT5599 Mobile applications / Mobile firmware & hardware MT5670 Mobile applications / Mobile firmware & hardware MT5680 Mobile applications / Mobile firmware & hardware MT5691 Mobile applications / Mobile firmware & hardware MT5695 Mobile applications / Mobile firmware & hardware MT5806 Mobile applications / Mobile firmware & hardware MT5813 Mobile applications / Mobile firmware & hardware MT5815 Mobile applications / Mobile firmware & hardware MT5816 Mobile applications / Mobile firmware & hardware MT5833 Mobile applications / Mobile firmware & hardware MT5835 Mobile applications / Mobile firmware & hardware MT5895 Mobile applications / Mobile firmware & hardware MT9010 Mobile applications / Mobile firmware & hardware MT9011 Mobile applications / Mobile firmware & hardware MT9012 Mobile applications / Mobile firmware & hardware MT9016 Mobile applications / Mobile firmware & hardware MT9020 Mobile applications / Mobile firmware & hardware MT9021 Mobile applications / Mobile firmware & hardware MT9022 Mobile applications / Mobile firmware & hardware MT9215 Mobile applications / Mobile firmware & hardware MT9216 Mobile applications / Mobile firmware & hardware MT9221 Mobile applications / Mobile firmware & hardware MT9222 Mobile applications / Mobile firmware & hardware MT9255 Mobile applications / Mobile firmware & hardware MT9256 Mobile applications / Mobile firmware & hardware MT9266 Mobile applications / Mobile firmware & hardware MT9269 Mobile applications / Mobile firmware & hardware MT9285 Mobile applications / Mobile firmware & hardware MT9286 Mobile applications / Mobile firmware & hardware MT9600 Mobile applications / Mobile firmware & hardware MT9602 Mobile applications / Mobile firmware & hardware MT9610 Mobile applications / Mobile firmware & hardware MT9612 Mobile applications / Mobile firmware & hardware MT9613 Mobile applications / Mobile firmware & hardware MT9615 Mobile applications / Mobile firmware & hardware MT9617 Mobile applications / Mobile firmware & hardware MT9629 Mobile applications / Mobile firmware & hardware MT9630 Mobile applications / Mobile firmware & hardware MT9631 Mobile applications / Mobile firmware & hardware MT9632 Mobile applications / Mobile firmware & hardware MT9633 Mobile applications / Mobile firmware & hardware MT9636 Mobile applications / Mobile firmware & hardware MT9638 Mobile applications / Mobile firmware & hardware MT9639 Mobile applications / Mobile firmware & hardware MT9649 Mobile applications / Mobile firmware & hardware MT9650 Mobile applications / Mobile firmware & hardware MT9652 Mobile applications / Mobile firmware & hardware MT9653 Mobile applications / Mobile firmware & hardware MT9660 Mobile applications / Mobile firmware & hardware MT9666 Mobile applications / Mobile firmware & hardware MT9667 Mobile applications / Mobile firmware & hardware MT9669 Mobile applications / Mobile firmware & hardware MT9670 Mobile applications / Mobile firmware & hardware MT9671 Mobile applications / Mobile firmware & hardware MT9675 Mobile applications / Mobile firmware & hardware MT9679 Mobile applications / Mobile firmware & hardware MT9685 Mobile applications / Mobile firmware & hardware MT9686 Mobile applications / Mobile firmware & hardware MT9688 Mobile applications / Mobile firmware & hardware MT9900 Mobile applications / Mobile firmware & hardware MT9901 Mobile applications / Mobile firmware & hardware MT9931 Mobile applications / Mobile firmware & hardware MT9950 Mobile applications / Mobile firmware & hardware MT9969 Mobile applications / Mobile firmware & hardware MT9970 Mobile applications / Mobile firmware & hardware MT9980 Mobile applications / Mobile firmware & hardware MT9981 Mobile applications / Mobile firmware & hardware MT6779 Hardware solutions / Firmware MT6781 Hardware solutions / Firmware MT6785 Hardware solutions / Firmware MT6853 Hardware solutions / Firmware MT6873 Hardware solutions / Firmware MT6875 Hardware solutions / Firmware MT6877 Hardware solutions / Firmware MT6883 Hardware solutions / Firmware MT6885 Hardware solutions / Firmware MT6889 Hardware solutions / Firmware MT6891 Hardware solutions / Firmware MT6893 Hardware solutions / Firmware MT8797 Hardware solutions / Firmware MT6853T Hardware solutions / Firmware MT8518S Other |
Vendor | MediaTek |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
EUVDB-ID: #VU81347
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-20819
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within CDMA PPP protocol. A local application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT2731: All versions
MT6570: All versions
MT6580: All versions
MT6595: All versions
MT6732: All versions
MT6735: All versions
MT6737: All versions
MT6737M: All versions
MT6738: All versions
MT6739: All versions
MT6750: All versions
MT6750S: All versions
MT6752: All versions
MT6753: All versions
MT6755: All versions
MT6757: All versions
MT6758: All versions
MT6761: All versions
MT6762: All versions
MT6762D: All versions
MT6762M: All versions
MT6763: All versions
MT6765: All versions
MT6765T: All versions
MT6767: All versions
MT6768: All versions
MT6769: All versions
MT6769T: All versions
MT6769Z: All versions
MT6771: All versions
MT6775: All versions
MT6779: All versions
MT6781: All versions
MT6783: All versions
MT6785: All versions
MT6785T: All versions
MT6789: All versions
MT6795: All versions
MT6797: All versions
MT6799: All versions
MT6813: All versions
MT6815: All versions
MT6833: All versions
MT6835: All versions
MT6853: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6875T: All versions
MT6877: All versions
MT6878: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6886: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6895T: All versions
MT6896: All versions
MT6897: All versions
MT6983: All versions
MT6985: All versions
MT6989: All versions
MT8666: All versions
MT8666A: All versions
MT8667: All versions
MT8673: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8766Z: All versions
MT8768: All versions
MT8768A: All versions
MT8768B: All versions
MT8768T: All versions
MT8768Z: All versions
MT8781: All versions
MT8786: All versions
MT8788: All versions
MT8788T: All versions
MT8788X: All versions
MT8788Z: All versions
MT8791: All versions
MT8791T: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81348
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32819
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within display. A local privileged application can gain access to sensitive information.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6765: All versions
MT6768: All versions
MT6833: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6893: All versions
MT6983: All versions
MT6985: All versions
MT8188: All versions
MT8195: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81349
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32820
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper input handling within wlan firmware. A local application can perform service disruption.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT5221: All versions
MT6781: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6886: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT6985: All versions
MT7663: All versions
MT7668: All versions
MT7902: All versions
MT7921: All versions
MT8168: All versions
MT8365: All versions
MT8518S: All versions
MT8532: All versions
MT8666: All versions
MT8673: All versions
MT8675: All versions
MT8695: All versions
MT8766: All versions
MT8768: All versions
MT8781: All versions
MT8786: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81350
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32821
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a permissions bypass within video. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6761: All versions
MT6763: All versions
MT6765: All versions
MT6768: All versions
MT6771: All versions
MT6779: All versions
MT6785: All versions
MT6853: All versions
MT6873: All versions
MT6885: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81351
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32822
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within ftm. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT2713: All versions
MT6739: All versions
MT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6771: All versions
MT6779: All versions
MT6781: All versions
MT6833: All versions
MT6835: All versions
MT6855: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6886: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6985: All versions
MT8167: All versions
MT8167S: All versions
MT8168: All versions
MT8175: All versions
MT8188: All versions
MT8195: All versions
MT8321: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8390: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8781: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81352
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32823
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within rpmb. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6580: All versions
MT6739: All versions
MT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT6985: All versions
MT8666: All versions
MT8765: All versions
MT8788: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81353
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32824
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to improper locking within rpmb. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6580: All versions
MT6739: All versions
MT6761: All versions
MT6762: All versions
MT6765: All versions
MT6768: All versions
MT6769: All versions
MT6779: All versions
MT6781: All versions
MT6785: All versions
MT6789: All versions
MT6833: All versions
MT6853: All versions
MT6853T: All versions
MT6855: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6879: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6891: All versions
MT6893: All versions
MT6895: All versions
MT6983: All versions
MT6985: All versions
MT8666: All versions
MT8765: All versions
MT8788: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81354
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32826
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing input validation within camera middleware. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6879: All versions
MT6886: All versions
MT6895: All versions
MT6983: All versions
MT6985: All versions
MT6989: All versions
MT8167: All versions
MT8167S: All versions
MT8168: All versions
MT8173: All versions
MT8175: All versions
MT8185: All versions
MT8188: All versions
MT8195: All versions
MT8321: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8390: All versions
MT8395: All versions
MT8666: All versions
MT8673: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8781: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8791T: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81355
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32827
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing input validation within camera middleware. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6879: All versions
MT6886: All versions
MT6895: All versions
MT6983: All versions
MT6985: All versions
MT6989: All versions
MT8167: All versions
MT8167S: All versions
MT8168: All versions
MT8173: All versions
MT8175: All versions
MT8185: All versions
MT8188: All versions
MT8195: All versions
MT8321: All versions
MT8362A: All versions
MT8365: All versions
MT8385: All versions
MT8390: All versions
MT8395: All versions
MT8666: All versions
MT8673: All versions
MT8675: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8781: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8791T: All versions
MT8797: All versions
MT8798: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81356
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32828
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an integer overflow within vpu. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6771: All versions
MT6779: All versions
MT6785: All versions
MT6853: All versions
MT6853T: All versions
MT6873: All versions
MT6877: All versions
MT6885: All versions
MT6891: All versions
MT6893: All versions
MT8183: All versions
MT8188: All versions
MT8195: All versions
MT8390: All versions
MT8395: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81357
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32829
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an integer overflow within apusys. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT6879: All versions
MT6886: All versions
MT6891: All versions
MT6895: All versions
MT6896: All versions
MT6983: All versions
MT6985: All versions
MT8137: All versions
MT8139: All versions
MT8188: All versions
MT8195: All versions
MT8195Z: All versions
MT8390: All versions
MT8395: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81358
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32830
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within TVAPI. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsMT5527: All versions
MT5583: All versions
MT5598: All versions
MT5599: All versions
MT5670: All versions
MT5680: All versions
MT5691: All versions
MT5695: All versions
MT5806: All versions
MT5813: All versions
MT5815: All versions
MT5816: All versions
MT5833: All versions
MT5835: All versions
MT5895: All versions
MT9010: All versions
MT9011: All versions
MT9012: All versions
MT9016: All versions
MT9020: All versions
MT9021: All versions
MT9022: All versions
MT9215: All versions
MT9216: All versions
MT9221: All versions
MT9222: All versions
MT9255: All versions
MT9256: All versions
MT9266: All versions
MT9269: All versions
MT9285: All versions
MT9286: All versions
MT9600: All versions
MT9602: All versions
MT9610: All versions
MT9612: All versions
MT9613: All versions
MT9615: All versions
MT9617: All versions
MT9629: All versions
MT9630: All versions
MT9631: All versions
MT9632: All versions
MT9633: All versions
MT9636: All versions
MT9638: All versions
MT9639: All versions
MT9649: All versions
MT9650: All versions
MT9652: All versions
MT9653: All versions
MT9660: All versions
MT9666: All versions
MT9667: All versions
MT9669: All versions
MT9670: All versions
MT9671: All versions
MT9675: All versions
MT9679: All versions
MT9685: All versions
MT9686: All versions
MT9688: All versions
MT9900: All versions
MT9901: All versions
MT9931: All versions
MT9950: All versions
MT9969: All versions
MT9970: All versions
MT9980: All versions
MT9981: All versions
CPE2.3http://corp.mediatek.com/product-security-bulletin/October-2023
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.