CVE-2023-20747

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20747
In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.

4.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/June-2023 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*
History

09 Jun 2023, 03:52

Type Values Removed Values Added
First Time Mediatek mt6781
Mediatek mt6769
Mediatek mt6873
Mediatek mt6877
Mediatek mt6885
Mediatek mt9618
Mediatek mt5836
Linuxfoundation iot-yocto
Mediatek mt8791
Mediatek mt6883
Mediatek mt6893
Mediatek mt5838
Google
Mediatek mt8797
Google android
Mediatek mt8365
Mediatek mt6779
Mediatek mt6889
Mediatek mt9952
Mediatek mt8781
Mediatek mt6835
Mediatek mt9000
Mediatek mt9653
Mediatek mt9902
Linuxfoundation
Mediatek mt8185
Mediatek mt9687
Mediatek mt6855
Mediatek mt6875
Mediatek mt9015
Mediatek mt6853t
Mediatek mt6833
Mediatek mt9025
Mediatek mt8786
Mediatek mt8195
Mediatek mt6785
Mediatek mt9023
Mediatek mt5696
Mediatek mt9972
Mediatek mt9679
Mediatek mt6853
Mediatek mt9982
Mediatek mt8789
Mediatek mt6789
Mediatek mt9932
Linuxfoundation yocto
Mediatek mt9649
Mediatek mt6768
Mediatek
Mediatek mt9689
Mediatek mt6891
References (MISC) https://corp.mediatek.com/product-security-bulletin/June-2023 - (MISC) https://corp.mediatek.com/product-security-bulletin/June-2023 - Vendor Advisory
CPE cpe:2.3:h:mediatek:mt9952:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9932:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9000:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5836:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9023:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5838:-:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9687:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9972:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9982:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.4
CWE CWE-843

06 Jun 2023, 13:36

Type Values Removed Values Added
New CVE
Information

Published : 2023-06-06 13:15

Updated : 2024-02-28 20:13

NVD link : CVE-2023-20747

Mitre link : CVE-2023-20747

CVE.ORG link : CVE-2023-20747

JSON object : View

Products Affected

mediatek

  • mt5696
  • mt6768
  • mt9653
  • mt9932
  • mt9952
  • mt9015
  • mt8786
  • mt6883
  • mt9679
  • mt9902
  • mt8781
  • mt6893
  • mt8797
  • mt6769
  • mt6875
  • mt6833
  • mt9649
  • mt9982
  • mt6855
  • mt8789
  • mt9000
  • mt5836
  • mt6853
  • mt6785
  • mt9687
  • mt6853t
  • mt6889
  • mt6873
  • mt6835
  • mt8185
  • mt6781
  • mt5838
  • mt8791
  • mt9972
  • mt6789
  • mt9023
  • mt8365
  • mt9689
  • mt6877
  • mt6891
  • mt8195
  • mt9025
  • mt6779
  • mt6885
  • mt9618

linuxfoundation

  • iot-yocto
  • yocto

google

  • android
CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')