Out of Bounds Write Vulnerability in MediaTek KeyInstall
CVE-2023-20755
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 4 July 2023
What is CVE-2023-20755?
The KeyInstall component from MediaTek is susceptible to an out-of-bounds write vulnerability caused by an integer overflow. This vulnerability could potentially allow an attacker to escalate privileges locally, gaining system execution permissions without requiring user interaction. It’s crucial for users of affected versions to apply the necessary patches to mitigate the risks associated with this security flaw.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 Android 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved