In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
References
| Link | Resource |
|---|---|
| https://corp.mediatek.com/product-security-bulletin/May-2023 | Vendor Advisory |
| https://corp.mediatek.com/product-security-bulletin/May-2023 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
21 Nov 2024, 07:41
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://corp.mediatek.com/product-security-bulletin/May-2023 - Vendor Advisory |
24 May 2023, 17:07
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:* cpe:2.3:a:mediatek:iot_yocto:22.2:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* |
|
| CWE | CWE-843 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
| References | (MISC) https://corp.mediatek.com/product-security-bulletin/May-2023 - Vendor Advisory |
15 May 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-15 22:15
Updated : 2025-01-24 17:15
NVD link : CVE-2023-20673
Mitre link : CVE-2023-20673
CVE.ORG link : CVE-2023-20673
JSON object : View
Products Affected
mediatek
- mt6769
- mt6883
- mt6779
- mt9902
- mt8791
- mt6768
- mt8781
- mt9023
- mt8789
- mt6893
- mt9653
- mt9972
- mt6855
- mt6891
- mt6873
- mt8797
- mt9000
- mt8786
- mt9932
- iot_yocto
- mt9982
- mt6875
- mt8195
- mt9689
- mt9618
- mt5836
- mt6781
- mt5696
- mt6789
- mt6889
- mt6853t
- mt9687
- mt8185
- mt9952
- mt6853
- mt9025
- mt6785
- mt6833
- mt5838
- mt6877
- mt6885
- mt8395
- android
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')