Vulnerabilities > Mediatek > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2023-32874 Out-of-bounds Write vulnerability in Mediatek products
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
mediatek CWE-787
critical
 9.8
9.8
2023-10-02 CVE-2023-20819 Out-of-bounds Write vulnerability in Mediatek products
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
mediatek CWE-787
critical
 9.8
9.8
2023-02-06 CVE-2021-31573 Command Injection vulnerability in Mediatek En7528 Firmware and En7580 Firmware
In Config Manager, there is a possible command injection due to improper input validation.
network
low complexity
mediatek CWE-77
critical
 9.8
9.8
2023-02-06 CVE-2021-31574 Command Injection vulnerability in Mediatek En7528 Firmware and En7580 Firmware
In Config Manager, there is a possible command injection due to improper input validation.
network
low complexity
mediatek CWE-77
critical
 9.8
9.8
2023-02-06 CVE-2021-31575 Command Injection vulnerability in Mediatek En7528 Firmware and En7580 Firmware
In Config Manager, there is a possible command injection due to improper input validation.
network
low complexity
mediatek CWE-77
critical
 9.8
9.8
2023-02-06 CVE-2021-31577 Missing Authorization vulnerability in Mediatek En7528 Firmware and En7580 Firmware
In Boa, there is a possible escalation of privilege due to a missing permission check.
network
low complexity
mediatek CWE-862
critical
 9.8
9.8
2023-02-06 CVE-2021-31578 Out-of-bounds Write vulnerability in Mediatek En7528 Firmware and En7580 Firmware
In Boa, there is a possible escalation of privilege due to a stack buffer overflow.
network
low complexity
mediatek CWE-787
critical
 9.8
9.8
2023-01-03 CVE-2022-32665 Command Injection vulnerability in Mediatek Linkit Software Development KIT 4.6.1
In Boa, there is a possible command injection due to improper input validation.
network
low complexity
mediatek CWE-77
critical
 9.8
9.8
2022-08-01 CVE-2022-26437 Use of Uninitialized Resource vulnerability in Mediatek Nbiot SDK 2.8.1
In httpclient, there is a possible out of bounds write due to uninitialized data.
network
low complexity
mediatek CWE-908
critical
 9.8
9.8
2022-07-06 CVE-2022-20083 Out-of-bounds Write vulnerability in Mediatek products
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
mediatek CWE-787
critical
 10.0
10