CVE-2023-20725

Sažetak

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).

Reference

https://corp.mediatek.com/product-security-bulletin/June-2023
https://corp.mediatek.com/product-security-bulletin/June-2023

CVSS

Base:	6.7
Impact:	5.9
Exploitability:	0.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

07-01-2025 - 21:15

Objavljeno

06-06-2023 - 13:15