Out of Bounds Write Vulnerability in Keyinstall by MediaTek
CVE-2023-20654
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 6 April 2023
What is CVE-2023-20654?
The vulnerability in MediaTek's Keyinstall arises from a missing bounds check, which can result in an out of bounds write. This security flaw may allow an attacker to escalate their privileges to system execution without needing user interaction, potentially compromising vulnerable systems. It is crucial for users and administrators to apply the necessary patches to mitigate this risk, as detailed in the security bulletin from MediaTek.
Affected Version(s)
MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 Android 10.0, 11.0, 12.0, 13.0