Vulnerabilities > CVE-2023-20790 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
linuxfoundation
rdkcentral
google
openwrt
CWE-787
NVD
Published: 2023-08-07
Updated: 2023-08-09

Summary

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

Vulnerable Configurations

Part Description Count
Application
Linuxfoundation
2
Application
Rdkcentral
1
OS
Google
2
OS
Openwrt
2
Hardware
Mediatek
64

Common Weakness Enumeration (CWE)

References