Out of Bounds Write Vulnerability in MediaTek KeyInstall
CVE-2023-20784
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 7 August 2023
What is CVE-2023-20784?
A vulnerability exists in MediaTek's KeyInstall that allows an out-of-bounds write due to a missing bounds check. This flaw could enable an attacker to escalate local privileges without needing user interaction. To address this issue, MediaTek has released a patch identified as ALPS07826989. It is crucial for users of affected KeyInstall versions to apply the necessary updates promptly to safeguard their systems.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 Android 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved