Out of Bounds Read Vulnerability in MediaTek Products
CVE-2023-20688
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 6 April 2023
Summary
This vulnerability involves a possible out of bounds read due to a missing bounds check in certain MediaTek products. If exploited, it may allow local information disclosure while requiring system execution privileges. Notably, user interaction is not necessary for this exploitation to occur. Affected products should be patched as per Patch ID: ALPS07441821 to mitigate potential risks.
Affected Version(s)
MT2715, MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8169, MT8173, MT8175, MT8183, MT8185, MT8188, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8891 Android 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved