CVE-2023-20823

EPSS 0.01%
Veröffentlicht 04.09.2023 03:15:08
Zuletzt bearbeitet 21.11.2024 07:41:37
Quelle security@mediatek.com
CVE-Watchlists
Login
Unerledigt
Login

In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Google ≫ Android Version12.0

   Mediatek ≫ Mt6768 Version-
   Mediatek ≫ Mt6781 Version-
   Mediatek ≫ Mt6785 Version-
   Mediatek ≫ Mt6833 Version-
   Mediatek ≫ Mt6853 Version-
   Mediatek ≫ Mt6853t Version-
   Mediatek ≫ Mt6873 Version-
   Mediatek ≫ Mt6877 Version-
   Mediatek ≫ Mt6883 Version-
   Mediatek ≫ Mt6885 Version-
   Mediatek ≫ Mt6889 Version-
   Mediatek ≫ Mt6893 Version-
   Mediatek ≫ Mt8765 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8789 Version-
   Mediatek ≫ Mt8797 Version-

Google ≫ Android Version13.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.013

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://corp.mediatek.com/product-security-bulletin/September-2023

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-20823

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-20823

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-20823

EUVD