Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:en7580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFFE9B98-0C16-4EBF-AE99-8163F19FD28C", "versionEndExcluding": "tlm7.3.275.0-64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:en7580:-:*:*:*:*:*:*:*", "matchCriteriaId": "061DBB68-80AF-4016-AAE0-EE9DFDFB341B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:en7528_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D77F5BED-66A1-48F5-B662-A187C1D89E99", "versionEndExcluding": "tlm7.3.275.0-64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:en7528:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD990C82-4C61-479B-A49F-11A3C0812AC5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241."}, {"lang": "es", "value": "En Boa, existe una posible escalada de privilegios debido a un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria. Esto podr\u00eda conducir a una escalada remota de privilegios por parte de un atacante pr\u00f3ximo sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: A20210008; ID del problema: OSBNB00123241."}], "id": "CVE-2021-31578", "lastModified": "2024-11-21T06:05:56.450", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-06T22:15:09.470", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-acknowledgements"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-acknowledgements"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]} 
ReportizFlow
Vulnrichment
Redhat