Vulnerabilidades en MediaTek, Inc.

964 resultados
Análisis Vexday

Com 957 CVEs catalogadas, o histórico de vulnerabilidades da MediaTek, Inc. é extenso, embora a taxa de exploração ativa registrada esteja abaixo da média geral do catálogo CISA KEV — nenhuma CVE confirmada em exploração ativa no momento. O ponto de maior atenção é CVE-2024-20017, classificada como a vulnerabilidade mais perigosa no portfólio atual, com score EPSS de 0,4633, indicando probabilidade relevante de exploração em curto prazo. O tipo de falha mais recorrente é CWE-787 (escrita fora dos limites de memória), padrão que historicamente favorece execução de código arbitrário e eleva o risco de impacto crítico quando explorado. Com 30 CVEs de severidade crítica e 2 com PoC pública disponível, equipes responsáveis por dispositivos baseados em chipsets MediaTek devem priorizar a triagem dessas vulnerabilidades, especialmente as que combinam alta criticidade com código de prova de conceito acessível.

CVE-2024-20113MEDIUMIn ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System EPSS 0.1%CVE-2024-20118MEDIUMIn mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with SystEPSS 0.1%CVE-2024-20130MEDIUMIn power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with SysteEPSS 0.1%CVE-2025-20807MEDIUMIn dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious EPSS 0.1%CVE-2023-20824In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure EPSS 0.1%CVE-2024-20124MEDIUMIn vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with SysteEPSS 0.1%CVE-2023-20826MEDIUMIn cta, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with nEPSS 0.1%CVE-2026-20454MEDIUMIn geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicioEPSS 0.1%CVE-2024-20122MEDIUMIn vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with SysteEPSS 0.1%CVE-2024-20123MEDIUMIn vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with SysteEPSS 0.1%CVE-2022-20110In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execEPSS 0.1%CVE-2024-20117MEDIUMIn vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with SysteEPSS 0.1%CVE-2023-20825In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure EPSS 0.1%CVE-2026-20425MEDIUMIn display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malEPSS 0.1%CVE-2026-20440MEDIUMIn MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicioEPSS 0.1%CVE-2026-20443MEDIUMIn display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actEPSS 0.1%CVE-2026-20426MEDIUMIn display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malEPSS 0.1%CVE-2026-20441MEDIUMIn MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicioEPSS 0.1%CVE-2022-20097In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no aEPSS 0.1%CVE-2026-20428MEDIUMIn display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malEPSS 0.1%