Out-of-Bounds Write in MediaTek Command System
CVE-2023-20850
6.5 MEDIUM
Key Information:
- Vendor: MediaTek
- CVE Published: 4 September 2023
Summary
The imgsys_cmdq module within MediaTek's architecture is affected by an out-of-bounds write caused by inadequate range checking. A local user could exploit this flaw to escalate privileges; a successful attack requires System execution rights, and user interaction is necessary to trigger the vulnerability. Affected versions can be fixed by applying the patch with ID ALPS07340433.
Affected Version(s)
MT2713, MT6895, MT6897, MT6983, MT8188, MT8195, MT8395, MT8781
Android 11.0, 12.0 / Linux 6.1 / IOT-v23.0 / Yocto 4.0
CVSS V3.1
Score: 6.5
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved