Out of Bounds Read Vulnerability in MediaTek Products
CVE-2023-20688
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 6 April 2023
What is CVE-2023-20688?
This vulnerability involves a possible out of bounds read due to a missing bounds check in certain MediaTek products. If exploited, it may allow local information disclosure while requiring system execution privileges. Notably, user interaction is not necessary for this exploitation to occur. Affected products should be patched as per Patch ID: ALPS07441821 to mitigate potential risks.
Affected Version(s)
MT2715, MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8169, MT8173, MT8175, MT8183, MT8185, MT8188, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8891 Android 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved