Out of Bounds Write Vulnerability in MediaTek Products
CVE-2023-20735
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 6 June 2023
What is CVE-2023-20735?
The vulnerability in MediaTek's vcu poses a risk due to a missing bounds check, potentially leading to an out of bounds write condition. This flaw allows an attacker to escalate privileges locally, necessitating system execution privileges for the exploit to be executed. Notably, the exploitation does not require any user interaction, making it a significant security concern. Patches have been issued under ID ALPS07645149 and the issue is tracked under ID ALPS07645178. For detailed information, refer to the MediaTek product security bulletin.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982 Android 12.0, 13.0 / Yocto 4.0 / Iot-Yocto 22.2
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved