Vulnerabilidades em MediaTek, Inc.

964 resultados
Análise Vexday

Com 957 CVEs catalogadas, o histórico de vulnerabilidades da MediaTek, Inc. é extenso, embora a taxa de exploração ativa registrada esteja abaixo da média geral do catálogo CISA KEV — nenhuma CVE confirmada em exploração ativa no momento. O ponto de maior atenção é CVE-2024-20017, classificada como a vulnerabilidade mais perigosa no portfólio atual, com score EPSS de 0,4633, indicando probabilidade relevante de exploração em curto prazo. O tipo de falha mais recorrente é CWE-787 (escrita fora dos limites de memória), padrão que historicamente favorece execução de código arbitrário e eleva o risco de impacto crítico quando explorado. Com 30 CVEs de severidade crítica e 2 com PoC pública disponível, equipes responsáveis por dispositivos baseados em chipsets MediaTek devem priorizar a triagem dessas vulnerabilidades, especialmente as que combinam alta criticidade com código de prova de conceito acessível.

CVE-2023-20706MEDIUMIn apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additiEPSS 0.1%CVE-2023-20703MEDIUMIn apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additiEPSS 0.1%CVE-2022-20016In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System eEPSS 0.1%CVE-2023-20724In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with SyEPSS 0.1%CVE-2023-20723In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with SyEPSS 0.1%CVE-2023-20607MEDIUMIn ccu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System executioEPSS 0.1%CVE-2024-20029HIGHIn wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilegeEPSS 0.1%CVE-2023-32835MEDIUMIn keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System exeEPSS 0.1%CVE-2023-20721HIGHIn isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with SystEPSS 0.1%CVE-2023-20705MEDIUMIn apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additiEPSS 0.1%CVE-2025-20645HIGHIn KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a EPSS 0.1%CVE-2025-20668MEDIUMIn scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicioEPSS 0.1%CVE-2023-20816MEDIUMIn wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege EPSS 0.1%CVE-2023-20704MEDIUMIn apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additiEPSS 0.1%CVE-2023-20699MEDIUMIn adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with SystemEPSS 0.1%CVE-2022-26429In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escaEPSS 0.1%CVE-2023-20795MEDIUMIn ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System EPSS 0.1%CVE-2023-20804MEDIUMIn imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with SystEPSS 0.1%CVE-2023-32816In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure wiEPSS 0.1%CVE-2023-32830MEDIUMIn TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with SysteEPSS 0.1%