Out of Bounds Write Vulnerability in CDMA PPP Protocol by MediaTek
CVE-2023-20819
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 2 October 2023
What is CVE-2023-20819?
The CDMA PPP protocol in MediaTek devices contains a vulnerability characterized by an out of bounds write resulting from a missing bounds check. This flaw allows an attacker to perform remote privilege escalation without requiring any user interaction or special execution privileges. The potential exploitation of this vulnerability could lead to significant security risks, making prompt attention to the issue critical. Affected users are advised to apply patches and updates to mitigate this vulnerability effectively.
Affected Version(s)
MT2731, MT6570, MT6580, MT6595, MT6732, MT6735, MT6737, MT6737M, MT6738, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6795, MT6797, MT6799, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6983, MT6985, MT6989, MT8666, MT8666A, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8791, MT8791T, MT8797, MT8798 Modem LR11, LR12A, LR13, NR15, NR16, NR17