6.7

CVE-2023-32811

In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.

Data is provided by the National Vulnerability Database (NVD)
LinuxfoundationYocto Version4.0
   MediatekMt2713 Version-
   MediatekMt6779 Version-
   MediatekMt6781 Version-
   MediatekMt6785 Version-
   MediatekMt6789 Version-
   MediatekMt6833 Version-
   MediatekMt6835 Version-
   MediatekMt6853 Version-
   MediatekMt6855 Version-
   MediatekMt6873 Version-
   MediatekMt8168 Version-
   MediatekMt8175 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8365 Version-
   MediatekMt8666 Version-
   MediatekMt8667 Version-
   MediatekMt8673 Version-
MediatekIot Yocto Version23.0
   MediatekMt2713 Version-
   MediatekMt6779 Version-
   MediatekMt6781 Version-
   MediatekMt6785 Version-
   MediatekMt6789 Version-
   MediatekMt6833 Version-
   MediatekMt6835 Version-
   MediatekMt6853 Version-
   MediatekMt6855 Version-
   MediatekMt6873 Version-
   MediatekMt8168 Version-
   MediatekMt8175 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8365 Version-
   MediatekMt8666 Version-
   MediatekMt8667 Version-
   MediatekMt8673 Version-
GoogleAndroid Version12.0
   MediatekMt2713 Version-
   MediatekMt6779 Version-
   MediatekMt6781 Version-
   MediatekMt6785 Version-
   MediatekMt6789 Version-
   MediatekMt6833 Version-
   MediatekMt6835 Version-
   MediatekMt6853 Version-
   MediatekMt6855 Version-
   MediatekMt6873 Version-
   MediatekMt8168 Version-
   MediatekMt8175 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8365 Version-
   MediatekMt8666 Version-
   MediatekMt8667 Version-
   MediatekMt8673 Version-
GoogleAndroid Version13.0
   MediatekMt2713 Version-
   MediatekMt6779 Version-
   MediatekMt6781 Version-
   MediatekMt6785 Version-
   MediatekMt6789 Version-
   MediatekMt6833 Version-
   MediatekMt6835 Version-
   MediatekMt6853 Version-
   MediatekMt6855 Version-
   MediatekMt6873 Version-
   MediatekMt8168 Version-
   MediatekMt8175 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8365 Version-
   MediatekMt8666 Version-
   MediatekMt8667 Version-
   MediatekMt8673 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.01% 0.01
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.