Out of Bounds Write Vulnerability in CDMA PPP Protocol by MediaTek
CVE-2023-20819
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 2 October 2023
Summary
The CDMA PPP protocol in MediaTek devices contains a vulnerability characterized by an out of bounds write resulting from a missing bounds check. This flaw allows an attacker to perform remote privilege escalation without requiring any user interaction or special execution privileges. The potential exploitation of this vulnerability could lead to significant security risks, making prompt attention to the issue critical. Affected users are advised to apply patches and updates to mitigate this vulnerability effectively.
Affected Version(s)
MT2731, MT6570, MT6580, MT6595, MT6732, MT6735, MT6737, MT6737M, MT6738, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6795, MT6797, MT6799, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6983, MT6985, MT6989, MT8666, MT8666A, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8791, MT8791T, MT8797, MT8798 Modem LR11, LR12A, LR13, NR15, NR16, NR17
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved