CVE-2023-32821

6.7MEDIUM

Key Information:

Vendor: MediaTek
Status: Mt6761, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6853, Mt6873, Mt6885
Vendor: CVE Published:; 2 October 2023

Summary

In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433.

Affected Version(s)

MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6853, MT6873, MT6885 Android 12.0, 13.0

References

https://corp.mediatek.com/product-security-bulletin/Octob...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 2, 2023
Vulnerability Reserved
May 16, 2023