Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for rdkb by rdkcentral

    CVE-2024-20022 (GCVE-0-2024-20022)

    Vulnerability from nvd – Published: 2024-03-04 02:43 – Updated: 2025-03-13 13:56
    VLAI
    Summary
    In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of Privilege
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    MediaTek, Inc. MT2737, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8321, MT8385, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8796, MT8797, MT8798 Affected: Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3
    Create a notification for this product.
    mediatek mt2737 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6789 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6835 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6855 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6879 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6880 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6886 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6890 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6895 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6980 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6983 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6985 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6989 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6990 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8321 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8385 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8666 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8667 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8673 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8765 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8766 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8768 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8781 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8786 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8788 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8789 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8791 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8796 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8797 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8798 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.656Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt2737",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6789",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6835",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6855",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6879",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6880",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6886",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6890",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6895",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6980",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6983",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6985",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6989",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6990",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8321",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8385",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8666",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8667",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8673",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8765",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8766",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8768",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8781",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8786",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8788",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8789",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8791",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8796",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8797",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8798",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-08T05:00:25.856466Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:56:39.896Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MT2737, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8321, MT8385, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8796, MT8797, MT8798",
              "vendor": "MediaTek, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-04T02:43:30.832Z",
            "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            "shortName": "MediaTek"
          },
          "references": [
            {
              "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "assignerShortName": "MediaTek",
        "cveId": "CVE-2024-20022",
        "datePublished": "2024-03-04T02:43:30.832Z",
        "dateReserved": "2023-11-02T13:35:35.151Z",
        "dateUpdated": "2025-03-13T13:56:39.896Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20726 (GCVE-0-2023-20726)

    Vulnerability from nvd – Published: 2023-05-15 00:00 – Updated: 2025-01-24 15:01
    VLAI
    Summary
    In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information Disclosure
    • CWE-862 - Missing Authorization
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:14:40.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20726",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-24T15:00:15.127141Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-24T15:01:08.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
              "vendor": "MediaTek, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-15T00:00:00.000Z",
            "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            "shortName": "MediaTek"
          },
          "references": [
            {
              "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "assignerShortName": "MediaTek",
        "cveId": "CVE-2023-20726",
        "datePublished": "2023-05-15T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-01-24T15:01:08.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20022 (GCVE-0-2024-20022)

    Vulnerability from cvelistv5 – Published: 2024-03-04 02:43 – Updated: 2025-03-13 13:56
    VLAI
    Summary
    In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of Privilege
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    MediaTek, Inc. MT2737, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8321, MT8385, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8796, MT8797, MT8798 Affected: Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3
    Create a notification for this product.
    mediatek mt2737 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6789 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6835 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6855 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6879 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6880 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6886 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6890 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6895 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6980 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6983 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6985 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6989 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt6990 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8321 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8385 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8666 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8667 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8673 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8765 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8766 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8768 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8781 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8786 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8788 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8789 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8791 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8796 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8797 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
    Create a notification for this product.
    mediatek mt8798 Affected: 0 , ≤ * (custom)
        cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.656Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt2737",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6789",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6835",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6855",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6879",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6880",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6886",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6890",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6895",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6980",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6983",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6985",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6989",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt6990",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8321",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8385",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8666",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8667",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8673",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8765",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8766",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8768",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8781",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8786",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8788",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8789",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8791",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8796",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8797",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt8798",
                "vendor": "mediatek",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-08T05:00:25.856466Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:56:39.896Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MT2737, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8321, MT8385, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8796, MT8797, MT8798",
              "vendor": "MediaTek, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-04T02:43:30.832Z",
            "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            "shortName": "MediaTek"
          },
          "references": [
            {
              "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "assignerShortName": "MediaTek",
        "cveId": "CVE-2024-20022",
        "datePublished": "2024-03-04T02:43:30.832Z",
        "dateReserved": "2023-11-02T13:35:35.151Z",
        "dateUpdated": "2025-03-13T13:56:39.896Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20726 (GCVE-0-2023-20726)

    Vulnerability from cvelistv5 – Published: 2023-05-15 00:00 – Updated: 2025-01-24 15:01
    VLAI
    Summary
    In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information Disclosure
    • CWE-862 - Missing Authorization
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:14:40.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20726",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-24T15:00:15.127141Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-24T15:01:08.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
              "vendor": "MediaTek, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-15T00:00:00.000Z",
            "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            "shortName": "MediaTek"
          },
          "references": [
            {
              "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "assignerShortName": "MediaTek",
        "cveId": "CVE-2023-20726",
        "datePublished": "2023-05-15T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-01-24T15:01:08.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }